Просмотр исходного кода

haproxy: bump to version 1.5.2

 - [RELEASE] Released version 1.5.2
 - [PATCH 1/2] DOC: mention that Squid correctly responds 400 to PPv2
 - [PATCH 2/2] DOC: fix typo in Unix Socket commands

Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
Thomas Heil 10 лет назад
Родитель
Сommit
48438302f5
28 измененных файлов: 61 добавлений и 2211 удалений
  1. 3
    3
      net/haproxy/Makefile
  2. 0
    44
      net/haproxy/patches/0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch
  3. 29
    0
      net/haproxy/patches/0001-DOC-mention-that-Squid-correctly-responds-400-to-PPv.patch
  4. 0
    100
      net/haproxy/patches/0002-BUG-MINOR-ssl-Fix-external-function-in-order-not-to-.patch
  5. 29
    0
      net/haproxy/patches/0002-DOC-fix-typo-in-Unix-Socket-commands.patch
  6. 0
    41
      net/haproxy/patches/0003-BUG-MINOR-counters-do-not-untrack-counters-before-lo.patch
  7. 0
    64
      net/haproxy/patches/0004-BUG-MAJOR-sample-correctly-reinitialize-sample-fetch.patch
  8. 0
    108
      net/haproxy/patches/0005-MINOR-stick-table-make-stktable_fetch_key-indicate-w.patch
  9. 0
    56
      net/haproxy/patches/0006-BUG-MEDIUM-counters-fix-track-sc-to-wait-on-unstable.patch
  10. 0
    27
      net/haproxy/patches/0007-BUILD-remove-TODO-from-the-spec-file-and-add-README.patch
  11. 0
    43
      net/haproxy/patches/0008-MINOR-log-make-MAX_SYSLOG_LEN-overridable-at-build-t.patch
  12. 0
    359
      net/haproxy/patches/0009-MEDIUM-log-support-a-user-configurable-max-log-line-.patch
  13. 0
    27
      net/haproxy/patches/0010-MINOR-stats-fix-minor-typo-in-HTML-page.patch
  14. 0
    44
      net/haproxy/patches/0011-BUG-MEDIUM-unix-do-not-unlink-abstract-namespace-soc.patch
  15. 0
    28
      net/haproxy/patches/0012-DOC-provide-an-example-of-how-to-use-ssl_c_sha1.patch
  16. 0
    101
      net/haproxy/patches/0013-BUILD-http-fix-isdigit-isspace-warnings-on-Solaris.patch
  17. 0
    31
      net/haproxy/patches/0014-BUG-MINOR-listener-set-the-listener-s-fd-to-1-after-.patch
  18. 0
    152
      net/haproxy/patches/0015-BUG-MEDIUM-unix-failed-abstract-socket-binding-is-re.patch
  19. 0
    123
      net/haproxy/patches/0016-MEDIUM-listener-implement-a-per-protocol-pause-funct.patch
  20. 0
    47
      net/haproxy/patches/0017-MEDIUM-listener-support-rebinding-during-resume.patch
  21. 0
    70
      net/haproxy/patches/0018-BUG-MEDIUM-unix-completely-unbind-abstract-sockets-d.patch
  22. 0
    39
      net/haproxy/patches/0019-DOC-explicitly-mention-the-limits-of-abstract-namesp.patch
  23. 0
    197
      net/haproxy/patches/0020-DOC-expand-the-docs-for-the-provided-stats.patch
  24. 0
    137
      net/haproxy/patches/0021-BUG-MEDIUM-backend-Update-hash-to-use-unsigned-int-t.patch
  25. 0
    74
      net/haproxy/patches/0022-DOC-minor-fix-on-sc-src-_kbytes_-in-out.patch
  26. 0
    83
      net/haproxy/patches/0023-DOC-fix-alphabetical-sort-of-converters.patch
  27. 0
    166
      net/haproxy/patches/0024-BUG-MAJOR-http-correctly-rewind-the-request-body-aft.patch
  28. 0
    47
      net/haproxy/patches/0025-DOC-remove-references-to-CPU-native-in-the-README.patch

+ 3
- 3
net/haproxy/Makefile Просмотреть файл

@@ -9,11 +9,11 @@
9 9
 include $(TOPDIR)/rules.mk
10 10
 
11 11
 PKG_NAME:=haproxy
12
-PKG_VERSION:=1.5.1
13
-PKG_RELEASE:=25
12
+PKG_VERSION:=1.5.2
13
+PKG_RELEASE:=02
14 14
 PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
15 15
 PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
16
-PKG_MD5SUM:=49640cf3ddd793a05fbd3394481a1ed4
16
+PKG_MD5SUM:=e854fed32ea751d6db7f366cb910225a
17 17
 PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
18 18
 PKG_LICENSE:=GPL-2.0
19 19
 

+ 0
- 44
net/haproxy/patches/0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch Просмотреть файл

@@ -1,45 +0,0 @@
1
-From c1fbbd4a3dd480b4eebbd8b32ca6cdf08791477a Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Tue, 24 Jun 2014 17:27:02 +0200
4
-Subject: [PATCH] BUG/MEDIUM: http: fetch "base" is not compatible with
5
- set-header
6
-
7
-The sample fetch function "base" makes use of the trash which is also
8
-used by set-header/add-header etc... everything which builds a formated
9
-line. So we end up with some junk in the header if base is in use. Let's
10
-fix this as all other fetches by using a trash chunk instead.
11
-
12
-This bug was reported by Baptiste Assmann, and also affects 1.5.
13
-(cherry picked from commit 3caf2afabe89fb0ef0886cd1d8ea99ef21ec3491)
14
----
15
- src/proto_http.c | 6 ++++--
16
- 1 file changed, 4 insertions(+), 2 deletions(-)
17
-
18
-diff --git a/src/proto_http.c b/src/proto_http.c
19
-index 231d49a..5321f7d 100644
20
---- a/src/proto_http.c
21
-+++ b/src/proto_http.c
22
-@@ -10247,6 +10247,7 @@ smp_fetch_base(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
23
- 	struct http_txn *txn = l7;
24
- 	char *ptr, *end, *beg;
25
- 	struct hdr_ctx ctx;
26
-+	struct chunk *temp;
27
- 
28
- 	CHECK_HTTP_MESSAGE_FIRST();
29
- 
30
-@@ -10255,9 +10256,10 @@ smp_fetch_base(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
31
- 		return smp_fetch_path(px, l4, l7, opt, args, smp, kw);
32
- 
33
- 	/* OK we have the header value in ctx.line+ctx.val for ctx.vlen bytes */
34
--	memcpy(trash.str, ctx.line + ctx.val, ctx.vlen);
35
-+	temp = get_trash_chunk();
36
-+	memcpy(temp->str, ctx.line + ctx.val, ctx.vlen);
37
- 	smp->type = SMP_T_STR;
38
--	smp->data.str.str = trash.str;
39
-+	smp->data.str.str = temp->str;
40
- 	smp->data.str.len = ctx.vlen;
41
- 
42
- 	/* now retrieve the path */
43
-1.8.5.5
44
-

+ 29
- 0
net/haproxy/patches/0001-DOC-mention-that-Squid-correctly-responds-400-to-PPv.patch Просмотреть файл

@@ -0,0 +1,29 @@
1
+From a124eb6d7838eff2c52cc9bf027594c11e87fae9 Mon Sep 17 00:00:00 2001
2
+From: Willy Tarreau <w@1wt.eu>
3
+Date: Sat, 12 Jul 2014 17:31:07 +0200
4
+Subject: [PATCH 1/2] DOC: mention that Squid correctly responds 400 to PPv2
5
+ header
6
+
7
+Amos reported that Squid builds 3.5.0.0_20140624 and 3.5.0.0_20140630
8
+were confirmed to respond correctly here and that any version will do
9
+the same.
10
+(cherry picked from commit 9e1382002aa1ba12dcc637870befd077ff887aad)
11
+---
12
+ doc/proxy-protocol.txt | 1 +
13
+ 1 file changed, 1 insertion(+)
14
+
15
+diff --git a/doc/proxy-protocol.txt b/doc/proxy-protocol.txt
16
+index a2dbcea..a3925a4 100644
17
+--- a/doc/proxy-protocol.txt
18
++++ b/doc/proxy-protocol.txt
19
+@@ -692,6 +692,7 @@ presented, even with minimal implementations :
20
+     - thttpd 2.20c     : 400 Bad Request + abort => pass/optimal
21
+     - mini-httpd-1.19  : 400 Bad Request + abort => pass/optimal
22
+     - haproxy 1.4.21   : 400 Bad Request + abort => pass/optimal
23
++    - Squid 3          : 400 Bad Request + abort => pass/optimal
24
+   - SSL :
25
+     - stud 0.3.47      : connection abort        => pass/optimal
26
+     - stunnel 4.45     : connection abort        => pass/optimal
27
+-- 
28
+1.8.5.5
29
+

+ 0
- 100
net/haproxy/patches/0002-BUG-MINOR-ssl-Fix-external-function-in-order-not-to-.patch Просмотреть файл

@@ -1,101 +0,0 @@
1
-From 4910098653e356f814924663b4ddf71c971a71d6 Mon Sep 17 00:00:00 2001
2
-From: Emeric Brun <ebrun@haproxy.com>
3
-Date: Tue, 24 Jun 2014 18:26:41 +0200
4
-Subject: [PATCH 2/6] BUG/MINOR: ssl: Fix external function in order not to
5
- return a pointer on an internal trash buffer.
6
-
7
-'ssl_sock_get_common_name' applied to a connection was also renamed
8
-'ssl_sock_get_remote_common_name'. Currently, this function is only used
9
-with protocol PROXYv2 to retrieve the client certificate's common name.
10
-A further usage could be to retrieve the server certificate's common name
11
-on an outgoing connection.
12
-(cherry picked from commit 0abf836ecb32767fa1f9ad598f3e236e073491bd)
13
----
14
- include/proto/ssl_sock.h |  2 +-
15
- src/connection.c         |  5 ++---
16
- src/ssl_sock.c           | 23 +++++++++++------------
17
- 3 files changed, 14 insertions(+), 16 deletions(-)
18
-
19
-diff --git a/include/proto/ssl_sock.h b/include/proto/ssl_sock.h
20
-index 0902fde..3e111cd 100644
21
---- a/include/proto/ssl_sock.h
22
-+++ b/include/proto/ssl_sock.h
23
-@@ -52,7 +52,7 @@ const char *ssl_sock_get_cipher_name(struct connection *conn);
24
- const char *ssl_sock_get_proto_version(struct connection *conn);
25
- char *ssl_sock_get_version(struct connection *conn);
26
- int ssl_sock_get_cert_used(struct connection *conn);
27
--char *ssl_sock_get_common_name(struct connection *conn);
28
-+int ssl_sock_get_remote_common_name(struct connection *conn, struct chunk *out);
29
- unsigned int ssl_sock_get_verify_result(struct connection *conn);
30
- #ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
31
- int ssl_sock_update_ocsp_response(struct chunk *ocsp_response, char **err);
32
-diff --git a/src/connection.c b/src/connection.c
33
-index 0b154d8..20a911b 100644
34
---- a/src/connection.c
35
-+++ b/src/connection.c
36
-@@ -682,9 +682,8 @@ int make_proxy_line_v2(char *buf, int buf_len, struct server *srv, struct connec
37
- 				tlv->verify = htonl(ssl_sock_get_verify_result(remote));
38
- 			}
39
- 			if (srv->pp_opts & SRV_PP_V2_SSL_CN) {
40
--				value = ssl_sock_get_common_name(remote);
41
--				if (value) {
42
--					tlv_len = make_tlv(&buf[ret+ssl_tlv_len], (buf_len - ret - ssl_tlv_len), PP2_TYPE_SSL_CN, strlen(value), value);
43
-+				if (ssl_sock_get_remote_common_name(remote, &trash) > 0) {
44
-+					tlv_len = make_tlv(&buf[ret+ssl_tlv_len], (buf_len - ret - ssl_tlv_len), PP2_TYPE_SSL_CN, trash.len, trash.str);
45
- 					ssl_tlv_len += tlv_len;
46
- 				}
47
- 			}
48
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
49
-index 328b978..375225d 100644
50
---- a/src/ssl_sock.c
51
-+++ b/src/ssl_sock.c
52
-@@ -2654,21 +2654,25 @@ char *ssl_sock_get_version(struct connection *conn)
53
- 	return (char *)SSL_get_version(conn->xprt_ctx);
54
- }
55
- 
56
--/* returns common name, NULL terminated, from client certificate, or NULL if none */
57
--char *ssl_sock_get_common_name(struct connection *conn)
58
-+/* Extract peer certificate's common name into the chunk dest
59
-+ * Returns
60
-+ *  the len of the extracted common name
61
-+ *  or 0 if no CN found in DN
62
-+ *  or -1 on error case (i.e. no peer certificate)
63
-+ */
64
-+int ssl_sock_get_remote_common_name(struct connection *conn, struct chunk *dest)
65
- {
66
- 	X509 *crt = NULL;
67
- 	X509_NAME *name;
68
--	struct chunk *cn_trash;
69
- 	const char find_cn[] = "CN";
70
- 	const struct chunk find_cn_chunk = {
71
- 		.str = (char *)&find_cn,
72
- 		.len = sizeof(find_cn)-1
73
- 	};
74
--	char *result = NULL;
75
-+	int result = -1;
76
- 
77
- 	if (!ssl_sock_is_ssl(conn))
78
--		return NULL;
79
-+		goto out;
80
- 
81
- 	/* SSL_get_peer_certificate, it increase X509 * ref count */
82
- 	crt = SSL_get_peer_certificate(conn->xprt_ctx);
83
-@@ -2679,13 +2683,8 @@ char *ssl_sock_get_common_name(struct connection *conn)
84
- 	if (!name)
85
- 		goto out;
86
- 
87
--	cn_trash = get_trash_chunk();
88
--	if (ssl_sock_get_dn_entry(name, &find_cn_chunk, 1, cn_trash) <= 0)
89
--		goto out;
90
--	cn_trash->str[cn_trash->len] = '\0';
91
--	result = cn_trash->str;
92
--
93
--	out:
94
-+	result = ssl_sock_get_dn_entry(name, &find_cn_chunk, 1, dest);
95
-+out:
96
- 	if (crt)
97
- 		X509_free(crt);
98
- 
99
-1.8.5.5
100
-

+ 29
- 0
net/haproxy/patches/0002-DOC-fix-typo-in-Unix-Socket-commands.patch Просмотреть файл

@@ -0,0 +1,29 @@
1
+From de9789b37466c37547d8c5d52d96a9d4466eb431 Mon Sep 17 00:00:00 2001
2
+From: =?UTF-8?q?Cyril=20Bont=C3=A9?= <cyril.bonte@free.fr>
3
+Date: Sat, 12 Jul 2014 18:22:42 +0200
4
+Subject: [PATCH 2/2] DOC: fix typo in Unix Socket commands
5
+
6
+Konstantin Romanenko reported a typo in the HTML documentation. The typo is
7
+already present in the raw text version : the "shutdown sessions" command
8
+should be "shutdown sessions server".
9
+(cherry picked from commit e63a1eb290a1c407453dbcaa16535c85a1904f9e)
10
+---
11
+ doc/configuration.txt | 2 +-
12
+ 1 file changed, 1 insertion(+), 1 deletion(-)
13
+
14
+diff --git a/doc/configuration.txt b/doc/configuration.txt
15
+index ca21f7d..2d71555 100644
16
+--- a/doc/configuration.txt
17
++++ b/doc/configuration.txt
18
+@@ -13869,7 +13869,7 @@ shutdown session <id>
19
+   endless transfer is ongoing. Such terminated sessions are reported with a 'K'
20
+   flag in the logs.
21
+ 
22
+-shutdown sessions <backend>/<server>
23
++shutdown sessions server <backend>/<server>
24
+   Immediately terminate all the sessions attached to the specified server. This
25
+   can be used to terminate long-running sessions after a server is put into
26
+   maintenance mode, for instance. Such terminated sessions are reported with a
27
+-- 
28
+1.8.5.5
29
+

+ 0
- 41
net/haproxy/patches/0003-BUG-MINOR-counters-do-not-untrack-counters-before-lo.patch Просмотреть файл

@@ -1,42 +0,0 @@
1
-From c177ea7187bc1918a1900c1b0e3fc67c559987a2 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Wed, 25 Jun 2014 15:36:04 +0200
4
-Subject: [PATCH 3/6] BUG/MINOR: counters: do not untrack counters before
5
- logging
6
-
7
-Baptiste Assmann reported a corner case in the releasing of stick-counters:
8
-we release content-aware counters before logging. In the past it was not a
9
-problem, but since now we can log them it, it prevents one from logging
10
-their value. Simply switching the log production and the release of the
11
-counter fixes the issue.
12
-
13
-This should be backported into 1.5.
14
-(cherry picked from commit d713bcc326da5d1ac80adab666d7710f3e37650c)
15
----
16
- src/proto_http.c | 3 ++-
17
- 1 file changed, 2 insertions(+), 1 deletion(-)
18
-
19
-diff --git a/src/proto_http.c b/src/proto_http.c
20
-index 5321f7d..d566bcc 100644
21
---- a/src/proto_http.c
22
-+++ b/src/proto_http.c
23
-@@ -4808,7 +4808,6 @@ void http_end_txn_clean_session(struct session *s)
24
- 
25
- 	s->logs.t_close = tv_ms_elapsed(&s->logs.tv_accept, &now);
26
- 	session_process_counters(s);
27
--	session_stop_content_counters(s);
28
- 
29
- 	if (s->txn.status) {
30
- 		int n;
31
-@@ -4842,6 +4841,8 @@ void http_end_txn_clean_session(struct session *s)
32
- 		s->do_log(s);
33
- 	}
34
- 
35
-+	/* stop tracking content-based counters */
36
-+	session_stop_content_counters(s);
37
- 	session_update_time_stats(s);
38
- 
39
- 	s->logs.accept_date = date; /* user-visible date for logging */
40
-1.8.5.5
41
-

+ 0
- 64
net/haproxy/patches/0004-BUG-MAJOR-sample-correctly-reinitialize-sample-fetch.patch Просмотреть файл

@@ -1,65 +0,0 @@
1
-From a4ba9dbfc688576ffb7e0a3ce43ac0b420211bf6 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Wed, 25 Jun 2014 16:56:41 +0200
4
-Subject: [PATCH 4/6] BUG/MAJOR: sample: correctly reinitialize sample fetch
5
- context before calling sample_process()
6
-
7
-We used to only clear flags when reusing the static sample before calling
8
-sample_process(), but that's not enough because there's a context in samples
9
-that can be used by some fetch functions such as auth, headers and cookies,
10
-and not reinitializing it risks that a pointer of a different type is used
11
-in the wrong context.
12
-
13
-An example configuration which triggers the case consists in mixing hdr()
14
-and http_auth_group() which both make use of contexts :
15
-
16
-     http-request add-header foo2 %[hdr(host)],%[http_auth_group(foo)]
17
-
18
-The solution is simple, initialize all the sample and not just the flags.
19
-This fix must be backported into 1.5 since it was introduced in 1.5-dev19.
20
-(cherry picked from commit 6c616e0b96106dd33d183afbda31e72799e967c3)
21
----
22
- src/proto_http.c | 3 +++
23
- src/sample.c     | 5 +++--
24
- 2 files changed, 6 insertions(+), 2 deletions(-)
25
-
26
-diff --git a/src/proto_http.c b/src/proto_http.c
27
-index d566bcc..01fe62d 100644
28
---- a/src/proto_http.c
29
-+++ b/src/proto_http.c
30
-@@ -9748,6 +9748,9 @@ smp_prefetch_http(struct proxy *px, struct session *s, void *l7, unsigned int op
31
- 	return 1;
32
- }
33
- 
34
-+/* Note: these functinos *do* modify the sample. Even in case of success, at
35
-+ * least the type and uint value are modified.
36
-+ */
37
- #define CHECK_HTTP_MESSAGE_FIRST() \
38
- 	do { int r = smp_prefetch_http(px, l4, l7, opt, args, smp, 1); if (r <= 0) return r; } while (0)
39
- 
40
-diff --git a/src/sample.c b/src/sample.c
41
-index 9f22ef9..3a0f3fb 100644
42
---- a/src/sample.c
43
-+++ b/src/sample.c
44
-@@ -905,7 +905,7 @@ struct sample *sample_process(struct proxy *px, struct session *l4, void *l7,
45
- 
46
- 	if (p == NULL) {
47
- 		p = &temp_smp;
48
--		p->flags = 0;
49
-+		memset(p, 0, sizeof(*p));
50
- 	}
51
- 
52
- 	if (!expr->fetch->process(px, l4, l7, opt, expr->arg_p, p, expr->fetch->kw))
53
-@@ -1160,7 +1160,8 @@ struct sample *sample_fetch_string(struct proxy *px, struct session *l4, void *l
54
- {
55
- 	struct sample *smp = &temp_smp;
56
- 
57
--	smp->flags = 0;
58
-+	memset(smp, 0, sizeof(*smp));
59
-+
60
- 	if (!sample_process(px, l4, l7, opt, expr, smp)) {
61
- 		if ((smp->flags & SMP_F_MAY_CHANGE) && !(opt & SMP_OPT_FINAL))
62
- 			return smp;
63
-1.8.5.5
64
-

+ 0
- 108
net/haproxy/patches/0005-MINOR-stick-table-make-stktable_fetch_key-indicate-w.patch Просмотреть файл

@@ -1,109 +0,0 @@
1
-From d008394057c4fe46ca6eb775c66cc0ff986a5495 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Wed, 25 Jun 2014 16:20:53 +0200
4
-Subject: [PATCH 5/6] MINOR: stick-table: make stktable_fetch_key() indicate
5
- why it failed
6
-
7
-stktable_fetch_key() does not indicate whether it returns NULL because
8
-the input sample was not found or because it's unstable. It causes trouble
9
-with track-sc* rules. Just like with sample_fetch_string(), we want it to
10
-be able to give more information to the caller about what it found. Thus,
11
-now we use the pointer to a sample passed by the caller, and fill it with
12
-the information we have about the sample. That way, even if we return NULL,
13
-the caller has the ability to check whether a sample was found and if it is
14
-still changing or not.
15
-(cherry picked from commit b5975defba61e7ef37ae771614166d0970ede04e)
16
----
17
- include/proto/stick_table.h |  2 +-
18
- src/proto_tcp.c             |  4 ++--
19
- src/session.c               |  4 ++--
20
- src/stick_table.c           | 12 +++++++-----
21
- 4 files changed, 12 insertions(+), 10 deletions(-)
22
-
23
-diff --git a/include/proto/stick_table.h b/include/proto/stick_table.h
24
-index 0c26fbe..57ca223 100644
25
---- a/include/proto/stick_table.h
26
-+++ b/include/proto/stick_table.h
27
-@@ -48,7 +48,7 @@ struct stksess *stktable_lookup_key(struct stktable *t, struct stktable_key *key
28
- struct stksess *stktable_update_key(struct stktable *table, struct stktable_key *key);
29
- struct stktable_key *stktable_fetch_key(struct stktable *t, struct proxy *px,
30
- 				        struct session *l4, void *l7, unsigned int opt,
31
--				        struct sample_expr *expr);
32
-+				        struct sample_expr *expr, struct sample *smp);
33
- int stktable_compatible_sample(struct sample_expr *expr, unsigned long table_type);
34
- int stktable_get_data_type(char *name);
35
- struct proxy *find_stktable(const char *name);
36
-diff --git a/src/proto_tcp.c b/src/proto_tcp.c
37
-index 65c4fda..1aac0d9 100644
38
---- a/src/proto_tcp.c
39
-+++ b/src/proto_tcp.c
40
-@@ -1027,7 +1027,7 @@ int tcp_inspect_request(struct session *s, struct channel *req, int an_bit)
41
- 					continue;
42
- 
43
- 				t = rule->act_prm.trk_ctr.table.t;
44
--				key = stktable_fetch_key(t, s->be, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->act_prm.trk_ctr.expr);
45
-+				key = stktable_fetch_key(t, s->be, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->act_prm.trk_ctr.expr, NULL);
46
- 
47
- 				if (key && (ts = stktable_get_entry(t, key))) {
48
- 					session_track_stkctr(&s->stkctr[tcp_trk_idx(rule->action)], t, ts);
49
-@@ -1228,7 +1228,7 @@ int tcp_exec_req_rules(struct session *s)
50
- 					continue;
51
- 
52
- 				t = rule->act_prm.trk_ctr.table.t;
53
--				key = stktable_fetch_key(t, s->be, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->act_prm.trk_ctr.expr);
54
-+				key = stktable_fetch_key(t, s->be, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->act_prm.trk_ctr.expr, NULL);
55
- 
56
- 				if (key && (ts = stktable_get_entry(t, key)))
57
- 					session_track_stkctr(&s->stkctr[tcp_trk_idx(rule->action)], t, ts);
58
-diff --git a/src/session.c b/src/session.c
59
-index e26f5ad..df85170 100644
60
---- a/src/session.c
61
-+++ b/src/session.c
62
-@@ -1458,7 +1458,7 @@ static int process_sticking_rules(struct session *s, struct channel *req, int an
63
- 		if (ret) {
64
- 			struct stktable_key *key;
65
- 
66
--			key = stktable_fetch_key(rule->table.t, px, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->expr);
67
-+			key = stktable_fetch_key(rule->table.t, px, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->expr, NULL);
68
- 			if (!key)
69
- 				continue;
70
- 
71
-@@ -1561,7 +1561,7 @@ static int process_store_rules(struct session *s, struct channel *rep, int an_bi
72
- 		if (ret) {
73
- 			struct stktable_key *key;
74
- 
75
--			key = stktable_fetch_key(rule->table.t, px, s, &s->txn, SMP_OPT_DIR_RES|SMP_OPT_FINAL, rule->expr);
76
-+			key = stktable_fetch_key(rule->table.t, px, s, &s->txn, SMP_OPT_DIR_RES|SMP_OPT_FINAL, rule->expr, NULL);
77
- 			if (!key)
78
- 				continue;
79
- 
80
-diff --git a/src/stick_table.c b/src/stick_table.c
81
-index c6463ec..a708d3c 100644
82
---- a/src/stick_table.c
83
-+++ b/src/stick_table.c
84
-@@ -601,15 +601,17 @@ static sample_to_key_fct sample_to_key[SMP_TYPES][STKTABLE_TYPES] = {
85
-  * Process a fetch + format conversion as defined by the sample expression <expr>
86
-  * on request or response considering the <opt> parameter. Returns either NULL if
87
-  * no key could be extracted, or a pointer to the converted result stored in
88
-- * static_table_key in format <table_type>.
89
-+ * static_table_key in format <table_type>. If <smp> is not NULL, it will be reset
90
-+ * and its flags will be initialized so that the caller gets a copy of the input
91
-+ * sample, and knows why it was not accepted (eg: SMP_F_MAY_CHANGE is present).
92
-  */
93
- struct stktable_key *stktable_fetch_key(struct stktable *t, struct proxy *px, struct session *l4, void *l7,
94
--					unsigned int opt,
95
--                                        struct sample_expr *expr)
96
-+                                        unsigned int opt, struct sample_expr *expr, struct sample *smp)
97
- {
98
--	struct sample *smp;
99
-+	if (smp)
100
-+		memset(smp, 0, sizeof(*smp));
101
- 
102
--	smp = sample_process(px, l4, l7, opt, expr, NULL);
103
-+	smp = sample_process(px, l4, l7, opt, expr, smp);
104
- 	if (!smp)
105
- 		return NULL;
106
- 
107
-1.8.5.5
108
-

+ 0
- 56
net/haproxy/patches/0006-BUG-MEDIUM-counters-fix-track-sc-to-wait-on-unstable.patch Просмотреть файл

@@ -1,57 +0,0 @@
1
-From 86bd33a9f842caf1788b61d1f99e95f8ad866660 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Wed, 25 Jun 2014 17:01:56 +0200
4
-Subject: [PATCH 6/6] BUG/MEDIUM: counters: fix track-sc* to wait on unstable
5
- contents
6
-
7
-I've been facing multiple configurations which involved track-sc* rules
8
-in tcp-request content without the "if ..." to force it to wait for the
9
-contents, resulting in random behaviour with contents sometimes retrieved
10
-and sometimes not.
11
-
12
-Reading the doc doesn't make it clear either that the tracking will be
13
-performed only if data are already there and that waiting on an ACL is
14
-the only way to avoid this.
15
-
16
-Since this behaviour is not natural and we now have the ability to fix
17
-it, this patch ensures that if input data are still moving, instead of
18
-silently dropping them, we naturally wait for them to stabilize up to
19
-the inspect-delay. This way it's not needed anymore to implement an
20
-ACL-based condition to force to wait for data, eventhough the behaviour
21
-is not changed for when an ACL is present.
22
-
23
-The most obvious usage will be when track-sc is followed by any HTTP
24
-sample expression, there's no need anymore for adding "if HTTP".
25
-
26
-It's probably worth backporting this to 1.5 to avoid further configuration
27
-issues. Note that it requires previous patch.
28
-(cherry picked from commit 1b71eb581ec1637879f725421efb95ad69f0ea4f)
29
----
30
- src/proto_tcp.c | 6 +++++-
31
- 1 file changed, 5 insertions(+), 1 deletion(-)
32
-
33
-diff --git a/src/proto_tcp.c b/src/proto_tcp.c
34
-index 1aac0d9..e9dbc9c 100644
35
---- a/src/proto_tcp.c
36
-+++ b/src/proto_tcp.c
37
-@@ -1022,12 +1022,16 @@ int tcp_inspect_request(struct session *s, struct channel *req, int an_bit)
38
- 				 * applies.
39
- 				 */
40
- 				struct stktable_key *key;
41
-+				struct sample smp;
42
- 
43
- 				if (stkctr_entry(&s->stkctr[tcp_trk_idx(rule->action)]))
44
- 					continue;
45
- 
46
- 				t = rule->act_prm.trk_ctr.table.t;
47
--				key = stktable_fetch_key(t, s->be, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->act_prm.trk_ctr.expr, NULL);
48
-+				key = stktable_fetch_key(t, s->be, s, &s->txn, SMP_OPT_DIR_REQ | partial, rule->act_prm.trk_ctr.expr, &smp);
49
-+
50
-+				if (smp.flags & SMP_F_MAY_CHANGE)
51
-+					goto missing_data;
52
- 
53
- 				if (key && (ts = stktable_get_entry(t, key))) {
54
- 					session_track_stkctr(&s->stkctr[tcp_trk_idx(rule->action)], t, ts);
55
-1.8.5.5
56
-

+ 0
- 27
net/haproxy/patches/0007-BUILD-remove-TODO-from-the-spec-file-and-add-README.patch Просмотреть файл

@@ -1,28 +0,0 @@
1
-From e726fd6571f684d0e92b8d97de8ca7a68d30f708 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Thu, 26 Jun 2014 08:20:38 +0200
4
-Subject: [PATCH 7/9] BUILD: remove TODO from the spec file and add README
5
-
6
-This used to cause a build failure since 1.5.0, as reported by
7
-Timothy Shelton. The proxy protocol doc was also added.
8
-(cherry picked from commit ca3094d0b1531ce62fc1970aa7396a01330bb5c1)
9
----
10
- examples/haproxy.spec | 2 +-
11
- 1 file changed, 1 insertion(+), 1 deletion(-)
12
-
13
-diff --git a/examples/haproxy.spec b/examples/haproxy.spec
14
-index 4ee3aa5..2fdb1a7 100644
15
---- a/examples/haproxy.spec
16
-+++ b/examples/haproxy.spec
17
-@@ -67,7 +67,7 @@ fi
18
- 
19
- %files
20
- %defattr(-,root,root)
21
--%doc CHANGELOG TODO examples/*.cfg doc/haproxy-en.txt doc/haproxy-fr.txt doc/architecture.txt doc/configuration.txt
22
-+%doc CHANGELOG README examples/*.cfg doc/haproxy-en.txt doc/haproxy-fr.txt doc/architecture.txt doc/configuration.txt doc/proxy-protocol.txt
23
- %doc %{_mandir}/man1/%{name}.1*
24
- 
25
- %attr(0755,root,root) %{_sbindir}/%{name}
26
-1.8.5.5
27
-

+ 0
- 43
net/haproxy/patches/0008-MINOR-log-make-MAX_SYSLOG_LEN-overridable-at-build-t.patch Просмотреть файл

@@ -1,44 +0,0 @@
1
-From b4cbc1e2227754ff384da1437e7d3448f91571b2 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Fri, 27 Jun 2014 18:08:49 +0200
4
-Subject: [PATCH 8/9] MINOR: log: make MAX_SYSLOG_LEN overridable at build time
5
-
6
-This value was set in log.h without any #ifndef around, so when one
7
-wanted to change it, a patch was needed. Let's move it to defaults.h
8
-with the usual #ifndef so that it's easier to change it.
9
-(cherry picked from commit 4e957907aa117c07214ab84ba2a58f2fc1666931)
10
----
11
- include/common/defaults.h | 4 ++++
12
- include/types/log.h       | 1 -
13
- 2 files changed, 4 insertions(+), 1 deletion(-)
14
-
15
-diff --git a/include/common/defaults.h b/include/common/defaults.h
16
-index c53db08..0075509 100644
17
---- a/include/common/defaults.h
18
-+++ b/include/common/defaults.h
19
-@@ -48,6 +48,10 @@
20
- #define CAPTURE_LEN     64
21
- #endif
22
- 
23
-+#ifndef MAX_SYSLOG_LEN
24
-+#define MAX_SYSLOG_LEN          1024
25
-+#endif
26
-+
27
- // maximum line size when parsing config
28
- #ifndef LINESIZE
29
- #define LINESIZE	2048
30
-diff --git a/include/types/log.h b/include/types/log.h
31
-index 8ee8d7c..b3288bd 100644
32
---- a/include/types/log.h
33
-+++ b/include/types/log.h
34
-@@ -28,7 +28,6 @@
35
- #include <common/config.h>
36
- #include <common/mini-clist.h>
37
- 
38
--#define MAX_SYSLOG_LEN          1024
39
- #define NB_LOG_FACILITIES       24
40
- #define NB_LOG_LEVELS           8
41
- #define SYSLOG_PORT             514
42
-1.8.5.5
43
-

+ 0
- 359
net/haproxy/patches/0009-MEDIUM-log-support-a-user-configurable-max-log-line-.patch Просмотреть файл

@@ -1,360 +0,0 @@
1
-From dc2695cc531bd7fc98f09df5f6e1e57290ab1a14 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Fri, 27 Jun 2014 18:10:07 +0200
4
-Subject: [PATCH 9/9] MEDIUM: log: support a user-configurable max log line
5
- length
6
-
7
-With all the goodies supported by logformat, people find that the limit
8
-of 1024 chars for log lines is too short. Some servers do not support
9
-larger lines and can simply drop them, so changing the default value is
10
-not always the best choice.
11
-
12
-This patch takes a different approach. Log line length is specified per
13
-log server on the "log" line, with a value between 80 and 65535. That
14
-way it's possibly to satisfy all needs, even with some fat local servers
15
-and small remote ones.
16
-(cherry picked from commit 18324f574f349d510622ff45635de899437a3a11)
17
----
18
- doc/configuration.txt  | 28 ++++++++++++++++--
19
- include/proto/log.h    |  1 +
20
- include/types/global.h |  1 +
21
- include/types/log.h    |  1 +
22
- src/cfgparse.c         | 80 ++++++++++++++++++++++++++++++++++++++++----------
23
- src/log.c              | 36 ++++++++++++++++-------
24
- 6 files changed, 118 insertions(+), 29 deletions(-)
25
-
26
-diff --git a/doc/configuration.txt b/doc/configuration.txt
27
-index 080d8fc..e53bb21 100644
28
---- a/doc/configuration.txt
29
-+++ b/doc/configuration.txt
30
-@@ -559,7 +559,7 @@ group <group name>
31
-   Similar to "gid" but uses the GID of group name <group name> from /etc/group.
32
-   See also "gid" and "user".
33
- 
34
--log <address> <facility> [max level [min level]]
35
-+log <address> [len <length>] <facility> [max level [min level]]
36
-   Adds a global syslog server. Up to two global servers can be defined. They
37
-   will receive logs for startups and exits, as well as all logs from proxies
38
-   configured with "log global".
39
-@@ -584,6 +584,18 @@ log <address> <facility> [max level [min level]]
40
-         optionally enclosing them with braces ('{}'), similarly to what is done
41
-         in Bourne shell.
42
- 
43
-+  <length> is an optional maximum line length. Log lines larger than this value
44
-+           will be truncated before being sent. The reason is that syslog
45
-+           servers act differently on log line length. All servers support the
46
-+           default value of 1024, but some servers simply drop larger lines
47
-+           while others do log them. If a server supports long lines, it may
48
-+           make sense to set this value here in order to avoid truncating long
49
-+           lines. Similarly, if a server drops long lines, it is preferable to
50
-+           truncate them before sending them. Accepted values are 80 to 65535
51
-+           inclusive. The default value of 1024 is generally fine for all
52
-+           standard usages. Some specific cases of long captures or
53
-+           JSON-formated logs may require larger values.
54
-+
55
-   <facility> must be one of the 24 standard syslog facilities :
56
- 
57
-           kern   user   mail   daemon auth   syslog lpr    news
58
-@@ -3349,7 +3361,7 @@ ignore-persist { if | unless } <condition>
59
- 
60
- 
61
- log global
62
--log <address> <facility> [<level> [<minlevel>]]
63
-+log <address> [len <length>] <facility> [<level> [<minlevel>]]
64
- no log
65
-   Enable per-instance logging of events and traffic.
66
-   May be used in sections :   defaults | frontend | listen | backend
67
-@@ -3389,6 +3401,18 @@ no log
68
-                sign ('$') and optionally enclosing them with braces ('{}'),
69
-                similarly to what is done in Bourne shell.
70
- 
71
-+    <length>   is an optional maximum line length. Log lines larger than this
72
-+               value will be truncated before being sent. The reason is that
73
-+               syslog servers act differently on log line length. All servers
74
-+               support the default value of 1024, but some servers simply drop
75
-+               larger lines while others do log them. If a server supports long
76
-+               lines, it may make sense to set this value here in order to avoid
77
-+               truncating long lines. Similarly, if a server drops long lines,
78
-+               it is preferable to truncate them before sending them. Accepted
79
-+               values are 80 to 65535 inclusive. The default value of 1024 is
80
-+               generally fine for all standard usages. Some specific cases of
81
-+               long captures or JSON-formated logs may require larger values.
82
-+
83
-     <facility> must be one of the 24 standard syslog facilities :
84
- 
85
-                  kern   user   mail   daemon auth   syslog lpr    news
86
-diff --git a/include/proto/log.h b/include/proto/log.h
87
-index e3c1a75..54c51d1 100644
88
---- a/include/proto/log.h
89
-+++ b/include/proto/log.h
90
-@@ -39,6 +39,7 @@ extern char *log_format;
91
- extern char default_tcp_log_format[];
92
- extern char default_http_log_format[];
93
- extern char clf_http_log_format[];
94
-+extern char *logline;
95
- 
96
- 
97
- int build_logline(struct session *s, char *dst, size_t maxsize, struct list *list_format);
98
-diff --git a/include/types/global.h b/include/types/global.h
99
-index 23e3f3d..77df1dd 100644
100
---- a/include/types/global.h
101
-+++ b/include/types/global.h
102
-@@ -110,6 +110,7 @@ struct global {
103
- 	int last_checks;
104
- 	int spread_checks;
105
- 	int max_spread_checks;
106
-+	int max_syslog_len;
107
- 	char *chroot;
108
- 	char *pidfile;
109
- 	char *node, *desc;		/* node name & description */
110
-diff --git a/include/types/log.h b/include/types/log.h
111
-index b3288bd..c7e47ea 100644
112
---- a/include/types/log.h
113
-+++ b/include/types/log.h
114
-@@ -152,6 +152,7 @@ struct logsrv {
115
- 	int facility;
116
- 	int level;
117
- 	int minlvl;
118
-+	int maxlen;
119
- };
120
- 
121
- #endif /* _TYPES_LOG_H */
122
-diff --git a/src/cfgparse.c b/src/cfgparse.c
123
-index 762978a..e6e65b4 100644
124
---- a/src/cfgparse.c
125
-+++ b/src/cfgparse.c
126
-@@ -1254,6 +1254,8 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm)
127
- 		struct sockaddr_storage *sk;
128
- 		int port1, port2;
129
- 		struct logsrv *logsrv;
130
-+		int arg = 0;
131
-+		int len = 0;
132
- 
133
- 		if (*(args[1]) == 0 || *(args[2]) == 0) {
134
- 			Alert("parsing [%s:%d] : '%s' expects <address> and <facility> as arguments.\n", file, linenum, args[0]);
135
-@@ -1263,28 +1265,50 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm)
136
- 
137
- 		logsrv = calloc(1, sizeof(struct logsrv));
138
- 
139
--		logsrv->facility = get_log_facility(args[2]);
140
-+		/* just after the address, a length may be specified */
141
-+		if (strcmp(args[arg+2], "len") == 0) {
142
-+			len = atoi(args[arg+3]);
143
-+			if (len < 80 || len > 65535) {
144
-+				Alert("parsing [%s:%d] : invalid log length '%s', must be between 80 and 65535.\n",
145
-+				      file, linenum, args[arg+3]);
146
-+				err_code |= ERR_ALERT | ERR_FATAL;
147
-+				goto out;
148
-+			}
149
-+			logsrv->maxlen = len;
150
-+
151
-+			/* skip these two args */
152
-+			arg += 2;
153
-+		}
154
-+		else
155
-+			logsrv->maxlen = MAX_SYSLOG_LEN;
156
-+
157
-+		if (logsrv->maxlen > global.max_syslog_len) {
158
-+			global.max_syslog_len = logsrv->maxlen;
159
-+			logline = realloc(logline, global.max_syslog_len + 1);
160
-+		}
161
-+
162
-+		logsrv->facility = get_log_facility(args[arg+2]);
163
- 		if (logsrv->facility < 0) {
164
--			Alert("parsing [%s:%d] : unknown log facility '%s'\n", file, linenum, args[2]);
165
-+			Alert("parsing [%s:%d] : unknown log facility '%s'\n", file, linenum, args[arg+2]);
166
- 			err_code |= ERR_ALERT | ERR_FATAL;
167
- 			logsrv->facility = 0;
168
- 		}
169
- 
170
- 		logsrv->level = 7; /* max syslog level = debug */
171
--		if (*(args[3])) {
172
--			logsrv->level = get_log_level(args[3]);
173
-+		if (*(args[arg+3])) {
174
-+			logsrv->level = get_log_level(args[arg+3]);
175
- 			if (logsrv->level < 0) {
176
--				Alert("parsing [%s:%d] : unknown optional log level '%s'\n", file, linenum, args[3]);
177
-+				Alert("parsing [%s:%d] : unknown optional log level '%s'\n", file, linenum, args[arg+3]);
178
- 				err_code |= ERR_ALERT | ERR_FATAL;
179
- 				logsrv->level = 0;
180
- 			}
181
- 		}
182
- 
183
- 		logsrv->minlvl = 0; /* limit syslog level to this level (emerg) */
184
--		if (*(args[4])) {
185
--			logsrv->minlvl = get_log_level(args[4]);
186
-+		if (*(args[arg+4])) {
187
-+			logsrv->minlvl = get_log_level(args[arg+4]);
188
- 			if (logsrv->minlvl < 0) {
189
--				Alert("parsing [%s:%d] : unknown optional minimum log level '%s'\n", file, linenum, args[4]);
190
-+				Alert("parsing [%s:%d] : unknown optional minimum log level '%s'\n", file, linenum, args[arg+4]);
191
- 				err_code |= ERR_ALERT | ERR_FATAL;
192
- 				logsrv->minlvl = 0;
193
- 			}
194
-@@ -4791,22 +4815,46 @@ stats_error_parsing:
195
- 		else if (*(args[1]) && *(args[2])) {
196
- 			struct sockaddr_storage *sk;
197
- 			int port1, port2;
198
-+			int arg = 0;
199
-+			int len = 0;
200
- 
201
- 			logsrv = calloc(1, sizeof(struct logsrv));
202
- 
203
--			logsrv->facility = get_log_facility(args[2]);
204
-+			/* just after the address, a length may be specified */
205
-+			if (strcmp(args[arg+2], "len") == 0) {
206
-+				len = atoi(args[arg+3]);
207
-+				if (len < 80 || len > 65535) {
208
-+					Alert("parsing [%s:%d] : invalid log length '%s', must be between 80 and 65535.\n",
209
-+					      file, linenum, args[arg+3]);
210
-+					err_code |= ERR_ALERT | ERR_FATAL;
211
-+					goto out;
212
-+				}
213
-+				logsrv->maxlen = len;
214
-+
215
-+				/* skip these two args */
216
-+				arg += 2;
217
-+			}
218
-+			else
219
-+				logsrv->maxlen = MAX_SYSLOG_LEN;
220
-+
221
-+			if (logsrv->maxlen > global.max_syslog_len) {
222
-+				global.max_syslog_len = logsrv->maxlen;
223
-+				logline = realloc(logline, global.max_syslog_len + 1);
224
-+			}
225
-+
226
-+			logsrv->facility = get_log_facility(args[arg+2]);
227
- 			if (logsrv->facility < 0) {
228
--				Alert("parsing [%s:%d] : unknown log facility '%s'\n", file, linenum, args[2]);
229
-+				Alert("parsing [%s:%d] : unknown log facility '%s'\n", file, linenum, args[arg+2]);
230
- 				err_code |= ERR_ALERT | ERR_FATAL;
231
- 				goto out;
232
- 
233
- 			}
234
- 	    
235
- 			logsrv->level = 7; /* max syslog level = debug */
236
--			if (*(args[3])) {
237
--				logsrv->level = get_log_level(args[3]);
238
-+			if (*(args[arg+3])) {
239
-+				logsrv->level = get_log_level(args[arg+3]);
240
- 				if (logsrv->level < 0) {
241
--					Alert("parsing [%s:%d] : unknown optional log level '%s'\n", file, linenum, args[3]);
242
-+					Alert("parsing [%s:%d] : unknown optional log level '%s'\n", file, linenum, args[arg+3]);
243
- 					err_code |= ERR_ALERT | ERR_FATAL;
244
- 					goto out;
245
- 
246
-@@ -4814,10 +4862,10 @@ stats_error_parsing:
247
- 			}
248
- 
249
- 			logsrv->minlvl = 0; /* limit syslog level to this level (emerg) */
250
--			if (*(args[4])) {
251
--				logsrv->minlvl = get_log_level(args[4]);
252
-+			if (*(args[arg+4])) {
253
-+				logsrv->minlvl = get_log_level(args[arg+4]);
254
- 				if (logsrv->minlvl < 0) {
255
--					Alert("parsing [%s:%d] : unknown optional minimum log level '%s'\n", file, linenum, args[4]);
256
-+					Alert("parsing [%s:%d] : unknown optional minimum log level '%s'\n", file, linenum, args[arg+4]);
257
- 					err_code |= ERR_ALERT | ERR_FATAL;
258
- 					goto out;
259
- 
260
-diff --git a/src/log.c b/src/log.c
261
-index 114ab7b..3e3acb4 100644
262
---- a/src/log.c
263
-+++ b/src/log.c
264
-@@ -146,7 +146,7 @@ char *log_format = NULL;
265
- /* This is a global syslog line, common to all outgoing messages. It begins
266
-  * with the syslog tag and the date that are updated by update_log_hdr().
267
-  */
268
--static char logline[MAX_SYSLOG_LEN];
269
-+char *logline = NULL;
270
- 
271
- struct logformat_var_args {
272
- 	char *name;
273
-@@ -736,7 +736,7 @@ static char *update_log_hdr()
274
- 		tvsec = date.tv_sec;
275
- 		get_localtime(tvsec, &tm);
276
- 
277
--		hdr_len = snprintf(logline, MAX_SYSLOG_LEN,
278
-+		hdr_len = snprintf(logline, global.max_syslog_len,
279
- 				   "<<<<>%s %2d %02d:%02d:%02d %s%s[%d]: ",
280
- 				   monthname[tm.tm_mon],
281
- 				   tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec,
282
-@@ -746,8 +746,8 @@ static char *update_log_hdr()
283
- 		 * either -1 or the number of bytes that would be needed to store
284
- 		 * the total message. In both cases, we must adjust it.
285
- 		 */
286
--		if (hdr_len < 0 || hdr_len > MAX_SYSLOG_LEN)
287
--			hdr_len = MAX_SYSLOG_LEN;
288
-+		if (hdr_len < 0 || hdr_len > global.max_syslog_len)
289
-+			hdr_len = global.max_syslog_len;
290
- 
291
- 		dataptr = logline + hdr_len;
292
- 	}
293
-@@ -772,9 +772,9 @@ void send_log(struct proxy *p, int level, const char *format, ...)
294
- 	data_len = dataptr - logline;
295
- 
296
- 	va_start(argp, format);
297
--	data_len += vsnprintf(dataptr, logline + sizeof(logline) - dataptr, format, argp);
298
--	if (data_len < 0 || data_len > MAX_SYSLOG_LEN)
299
--		data_len =  MAX_SYSLOG_LEN;
300
-+	data_len += vsnprintf(dataptr, logline + global.max_syslog_len - dataptr, format, argp);
301
-+	if (data_len < 0 || data_len > global.max_syslog_len)
302
-+		data_len = global.max_syslog_len;
303
- 	va_end(argp);
304
- 
305
- 	__send_log(p, level, logline, data_len);
306
-@@ -811,8 +811,6 @@ void __send_log(struct proxy *p, int level, char *message, size_t size)
307
- 	if (!logsrvs)
308
- 		return;
309
- 
310
--	message[size - 1] = '\n';
311
--
312
- 	/* Send log messages to syslog server. */
313
- 	nblogger = 0;
314
- 	list_for_each_entry(tmp, logsrvs, list) {
315
-@@ -820,6 +818,8 @@ void __send_log(struct proxy *p, int level, char *message, size_t size)
316
- 		int *plogfd = logsrv->addr.ss_family == AF_UNIX ?
317
- 			&logfdunix : &logfdinet;
318
- 		int sent;
319
-+		int max;
320
-+		char backup;
321
- 
322
- 		nblogger++;
323
- 
324
-@@ -858,9 +858,23 @@ void __send_log(struct proxy *p, int level, char *message, size_t size)
325
- 		} while (fac_level && log_ptr > dataptr);
326
- 		*log_ptr = '<';
327
- 
328
--		sent = sendto(*plogfd, log_ptr, size - (log_ptr - dataptr),
329
-+		max = size - (log_ptr - dataptr);
330
-+		if (max > logsrv->maxlen)
331
-+			max = logsrv->maxlen;
332
-+
333
-+		/* insert a \n at the end of the message, but save what was
334
-+		 * there first because we could have different max lengths
335
-+		 * for different log targets.
336
-+		 */
337
-+		backup = log_ptr[max - 1];
338
-+		log_ptr[max - 1] = '\n';
339
-+
340
-+		sent = sendto(*plogfd, log_ptr, max,
341
- 			      MSG_DONTWAIT | MSG_NOSIGNAL,
342
- 			      (struct sockaddr *)&logsrv->addr, get_addr_len(&logsrv->addr));
343
-+
344
-+		log_ptr[max - 1] = backup;
345
-+
346
- 		if (sent < 0) {
347
- 			Alert("sendto logger #%d failed: %s (errno=%d)\n",
348
- 				nblogger, strerror(errno), errno);
349
-@@ -1604,7 +1618,7 @@ void sess_log(struct session *s)
350
- 
351
- 	tmplog = update_log_hdr();
352
- 	size = tmplog - logline;
353
--	size += build_logline(s, tmplog, sizeof(logline) - size, &s->fe->logformat);
354
-+	size += build_logline(s, tmplog, global.max_syslog_len - size, &s->fe->logformat);
355
- 	if (size > 0) {
356
- 		__send_log(s->fe, level, logline, size + 1);
357
- 		s->logs.logwait = 0;
358
-1.8.5.5
359
-

+ 0
- 27
net/haproxy/patches/0010-MINOR-stats-fix-minor-typo-in-HTML-page.patch Просмотреть файл

@@ -1,28 +0,0 @@
1
-From d38f5c0c1cbba00d80cad2640c005794fa5bc4f9 Mon Sep 17 00:00:00 2001
2
-From: Marco Corte <marco@marcocorte.it>
3
-Date: Wed, 2 Jul 2014 17:49:34 +0200
4
-Subject: [PATCH 10/12] MINOR: stats: fix minor typo in HTML page
5
-
6
-There is a very small typo in the statistics interface: a "set" in
7
-lowercase where allothers are uppercase "Set".
8
-(cherry picked from commit 8c27bcaea0116247ee055c5481a63507de4fe6e4)
9
----
10
- src/dumpstats.c | 2 +-
11
- 1 file changed, 1 insertion(+), 1 deletion(-)
12
-
13
-diff --git a/src/dumpstats.c b/src/dumpstats.c
14
-index c8bac08..5365042 100644
15
---- a/src/dumpstats.c
16
-+++ b/src/dumpstats.c
17
-@@ -3710,7 +3710,7 @@ static void stats_dump_html_px_end(struct stream_interface *si, struct proxy *px
18
- 			      "<option value=\"\"></option>"
19
- 			      "<option value=\"ready\">Set state to READY</option>"
20
- 			      "<option value=\"drain\">Set state to DRAIN</option>"
21
--			      "<option value=\"maint\">set state to MAINT</option>"
22
-+			      "<option value=\"maint\">Set state to MAINT</option>"
23
- 			      "<option value=\"dhlth\">Health: disable checks</option>"
24
- 			      "<option value=\"ehlth\">Health: enable checks</option>"
25
- 			      "<option value=\"hrunn\">Health: force UP</option>"
26
-1.8.5.5
27
-

+ 0
- 44
net/haproxy/patches/0011-BUG-MEDIUM-unix-do-not-unlink-abstract-namespace-soc.patch Просмотреть файл

@@ -1,45 +0,0 @@
1
-From 76ad998e2b6ae852567ff53edb84a0b467c0c9cb Mon Sep 17 00:00:00 2001
2
-From: Jan Seda <hodor@hodor.cz>
3
-Date: Thu, 26 Jun 2014 20:44:05 +0200
4
-Subject: [PATCH 11/12] BUG/MEDIUM: unix: do not unlink() abstract namespace
5
- sockets upon failure.
6
-
7
-When bind() fails (function uxst_bind_listener()), the fail path doesn't
8
-consider the abstract namespace and tries to unlink paths held in
9
-uninitiliazed memory (tempname and backname). See the strace excerpt;
10
-the strings still hold the path from test1.
11
-
12
-===============================================================================================
13
-23722 bind(5, {sa_family=AF_FILE, path=@"test2"}, 110) = -1 EADDRINUSE (Address already in use)
14
-23722 unlink("/tmp/test1.sock.23722.tmp") = -1 ENOENT (No such file or directory)
15
-23722 close(5)                          = 0
16
-23722 unlink("/tmp/test1.sock.23722.bak") = -1 ENOENT (No such file or directory)
17
-===============================================================================================
18
-
19
-This patch should be backported to 1.5.
20
-(cherry picked from commit 7319b64fc4c9b7e04726816c6cc02f6ecf66a0a4)
21
----
22
- src/proto_uxst.c | 4 ++--
23
- 1 file changed, 2 insertions(+), 2 deletions(-)
24
-
25
-diff --git a/src/proto_uxst.c b/src/proto_uxst.c
26
-index f83d34e..c9a52ff 100644
27
---- a/src/proto_uxst.c
28
-+++ b/src/proto_uxst.c
29
-@@ -309,11 +309,11 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
30
- 	if (ret < 0 && errno == ENOENT)
31
- 		unlink(path);
32
-  err_unlink_temp:
33
--	if (!ext)
34
-+	if (!ext && path[0])
35
- 		unlink(tempname);
36
- 	close(fd);
37
-  err_unlink_back:
38
--	if (!ext)
39
-+	if (!ext && path[0])
40
- 		unlink(backname);
41
-  err_return:
42
- 	if (msg && errlen) {
43
-1.8.5.5
44
-

+ 0
- 28
net/haproxy/patches/0012-DOC-provide-an-example-of-how-to-use-ssl_c_sha1.patch Просмотреть файл

@@ -1,29 +0,0 @@
1
-From 9fe4cb64cd9514a72bcd4b2fd8781620da9e1f76 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Wed, 2 Jul 2014 19:01:22 +0200
4
-Subject: [PATCH 12/12] DOC: provide an example of how to use ssl_c_sha1
5
-
6
-As suggested by Aydan Yumerefendi, a little bit of examples never hurts.
7
-(cherry picked from commit 2d0caa38e040b081903e50faa56bae52599b3949)
8
----
9
- doc/configuration.txt | 4 ++++
10
- 1 file changed, 4 insertions(+)
11
-
12
-diff --git a/doc/configuration.txt b/doc/configuration.txt
13
-index e53bb21..fcc6454 100644
14
---- a/doc/configuration.txt
15
-+++ b/doc/configuration.txt
16
-@@ -10722,6 +10722,10 @@ ssl_c_sha1 : binary
17
-   Returns the SHA-1 fingerprint of the certificate presented by the client when
18
-   the incoming connection was made over an SSL/TLS transport layer. This can be
19
-   used to stick a client to a server, or to pass this information to a server.
20
-+  Note that the output is binary, so if you want to pass that signature to the
21
-+  server, you need to encode it in hex or base64, such as in the example below:
22
-+
23
-+     http-request set-header X-SSL-Client-SHA1 %[ssl_c_sha1,hex]
24
- 
25
- ssl_c_sig_alg : string
26
-   Returns the name of the algorithm used to sign the certificate presented by
27
-1.8.5.5
28
-

+ 0
- 101
net/haproxy/patches/0013-BUILD-http-fix-isdigit-isspace-warnings-on-Solaris.patch Просмотреть файл

@@ -1,102 +0,0 @@
1
-From 463ae6f09e485faf3d1cdc4daceefe4bcd50b50e Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Tue, 8 Jul 2014 00:59:48 +0200
4
-Subject: [PATCH 13/21] BUILD: http: fix isdigit & isspace warnings on Solaris
5
-
6
-As usual, when touching any is* function, Solaris complains about the
7
-type of the element being checked. Better backport this to 1.5 since
8
-nobody knows what the emitted code looks like since macros are used
9
-instead of functions.
10
-(cherry picked from commit 506c69a50e8d434b6b0c2c89b0402f220830644d)
11
----
12
- src/proto_http.c | 20 ++++++++++----------
13
- 1 file changed, 10 insertions(+), 10 deletions(-)
14
-
15
-diff --git a/src/proto_http.c b/src/proto_http.c
16
-index 01fe62d..4a862b0 100644
17
---- a/src/proto_http.c
18
-+++ b/src/proto_http.c
19
-@@ -2143,22 +2143,22 @@ int parse_qvalue(const char *qvalue, const char **end)
20
- {
21
- 	int q = 1000;
22
- 
23
--	if (!isdigit(*qvalue))
24
-+	if (!isdigit((unsigned char)*qvalue))
25
- 		goto out;
26
- 	q = (*qvalue++ - '0') * 1000;
27
- 
28
- 	if (*qvalue++ != '.')
29
- 		goto out;
30
- 
31
--	if (!isdigit(*qvalue))
32
-+	if (!isdigit((unsigned char)*qvalue))
33
- 		goto out;
34
- 	q += (*qvalue++ - '0') * 100;
35
- 
36
--	if (!isdigit(*qvalue))
37
-+	if (!isdigit((unsigned char)*qvalue))
38
- 		goto out;
39
- 	q += (*qvalue++ - '0') * 10;
40
- 
41
--	if (!isdigit(*qvalue))
42
-+	if (!isdigit((unsigned char)*qvalue))
43
- 		goto out;
44
- 	q += (*qvalue++ - '0') * 1;
45
-  out:
46
-@@ -11226,7 +11226,7 @@ static int sample_conv_q_prefered(const struct arg *args, struct sample *smp)
47
- 	while (1) {
48
- 
49
- 		/* Jump spaces, quit if the end is detected. */
50
--		while (al < end && isspace(*al))
51
-+		while (al < end && isspace((unsigned char)*al))
52
- 			al++;
53
- 		if (al >= end)
54
- 			break;
55
-@@ -11235,7 +11235,7 @@ static int sample_conv_q_prefered(const struct arg *args, struct sample *smp)
56
- 		token = al;
57
- 
58
- 		/* Look for separator: isspace(), ',' or ';'. Next value if 0 length word. */
59
--		while (al < end && *al != ';' && *al != ',' && !isspace(*al))
60
-+		while (al < end && *al != ';' && *al != ',' && !isspace((unsigned char)*al))
61
- 			al++;
62
- 		if (al == token)
63
- 			goto expect_comma;
64
-@@ -11264,7 +11264,7 @@ static int sample_conv_q_prefered(const struct arg *args, struct sample *smp)
65
- look_for_q:
66
- 
67
- 		/* Jump spaces, quit if the end is detected. */
68
--		while (al < end && isspace(*al))
69
-+		while (al < end && isspace((unsigned char)*al))
70
- 			al++;
71
- 		if (al >= end)
72
- 			goto process_value;
73
-@@ -11283,7 +11283,7 @@ look_for_q:
74
- 		al++;
75
- 
76
- 		/* Jump spaces, process value if the end is detected. */
77
--		while (al < end && isspace(*al))
78
-+		while (al < end && isspace((unsigned char)*al))
79
- 			al++;
80
- 		if (al >= end)
81
- 			goto process_value;
82
-@@ -11294,7 +11294,7 @@ look_for_q:
83
- 		al++;
84
- 
85
- 		/* Jump spaces, process value if the end is detected. */
86
--		while (al < end && isspace(*al))
87
-+		while (al < end && isspace((unsigned char)*al))
88
- 			al++;
89
- 		if (al >= end)
90
- 			goto process_value;
91
-@@ -11305,7 +11305,7 @@ look_for_q:
92
- 		al++;
93
- 
94
- 		/* Jump spaces, process value if the end is detected. */
95
--		while (al < end && isspace(*al))
96
-+		while (al < end && isspace((unsigned char)*al))
97
- 			al++;
98
- 		if (al >= end)
99
- 			goto process_value;
100
-1.8.5.5
101
-

+ 0
- 31
net/haproxy/patches/0014-BUG-MINOR-listener-set-the-listener-s-fd-to-1-after-.patch Просмотреть файл

@@ -1,32 +0,0 @@
1
-From fb8bf6324bfe9f36d0be5110fcc13facba4389a8 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Mon, 7 Jul 2014 18:24:48 +0200
4
-Subject: [PATCH 14/21] BUG/MINOR: listener: set the listener's fd to -1 after
5
- deletion
6
-
7
-This is currently harmless, but when stopping a listener, its fd is
8
-closed but not set to -1, so it is not possible to re-open it again.
9
-Currently this has no impact but can have after the abstract sockets
10
-are modified to perform a complete close on soft-reload.
11
-
12
-The fix can be backported to 1.5 and may even apply to 1.4 (protocols.c).
13
-(cherry picked from commit 39447b6a5799a160eae452db920fd0735a78638b)
14
----
15
- src/listener.c | 1 +
16
- 1 file changed, 1 insertion(+)
17
-
18
-diff --git a/src/listener.c b/src/listener.c
19
-index ec3a39b..a82ce81 100644
20
---- a/src/listener.c
21
-+++ b/src/listener.c
22
-@@ -236,6 +236,7 @@ int unbind_listener(struct listener *listener)
23
- 
24
- 	if (listener->state >= LI_PAUSED) {
25
- 		fd_delete(listener->fd);
26
-+		listener->fd = -1;
27
- 		listener->state = LI_ASSIGNED;
28
- 	}
29
- 	return ERR_NONE;
30
-1.8.5.5
31
-

+ 0
- 152
net/haproxy/patches/0015-BUG-MEDIUM-unix-failed-abstract-socket-binding-is-re.patch Просмотреть файл

@@ -1,153 +0,0 @@
1
-From 58dd0f33fa908e83199d28775bad8ee2f24151a9 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Mon, 7 Jul 2014 18:36:45 +0200
4
-Subject: [PATCH 15/21] BUG/MEDIUM: unix: failed abstract socket binding is
5
- retryable
6
-
7
-Jan Seda noticed that abstract sockets are incompatible with soft reload,
8
-because the new process cannot bind and immediately fails. This patch marks
9
-the binding as retryable and not fatal so that the new process can try to
10
-bind again after sending a signal to the old process.
11
-
12
-Note that this fix is not enough to completely solve the problem, but it
13
-is necessary. This patch should be backported to 1.5.
14
-(cherry picked from commit 3c5efa2b3268f31cffc2c18887010d4bc906a066)
15
----
16
- src/proto_uxst.c | 30 ++++++++++++++++++++++++++----
17
- 1 file changed, 26 insertions(+), 4 deletions(-)
18
-
19
-diff --git a/src/proto_uxst.c b/src/proto_uxst.c
20
-index c9a52ff..409c659 100644
21
---- a/src/proto_uxst.c
22
-+++ b/src/proto_uxst.c
23
-@@ -166,9 +166,11 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
24
- 	const char *path;
25
- 	int ext, ready;
26
- 	socklen_t ready_len;
27
--
28
-+	int err;
29
- 	int ret;
30
- 
31
-+	err = ERR_NONE;
32
-+
33
- 	/* ensure we never return garbage */
34
- 	if (errlen)
35
- 		*errmsg = 0;
36
-@@ -191,29 +193,34 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
37
- 	if (path[0]) {
38
- 		ret = snprintf(tempname, MAXPATHLEN, "%s.%d.tmp", path, pid);
39
- 		if (ret < 0 || ret >= MAXPATHLEN) {
40
-+			err |= ERR_FATAL | ERR_ALERT;
41
- 			msg = "name too long for UNIX socket";
42
- 			goto err_return;
43
- 		}
44
- 
45
- 		ret = snprintf(backname, MAXPATHLEN, "%s.%d.bak", path, pid);
46
- 		if (ret < 0 || ret >= MAXPATHLEN) {
47
-+			err |= ERR_FATAL | ERR_ALERT;
48
- 			msg = "name too long for UNIX socket";
49
- 			goto err_return;
50
- 		}
51
- 
52
- 		/* 2. clean existing orphaned entries */
53
- 		if (unlink(tempname) < 0 && errno != ENOENT) {
54
-+			err |= ERR_FATAL | ERR_ALERT;
55
- 			msg = "error when trying to unlink previous UNIX socket";
56
- 			goto err_return;
57
- 		}
58
- 
59
- 		if (unlink(backname) < 0 && errno != ENOENT) {
60
-+			err |= ERR_FATAL | ERR_ALERT;
61
- 			msg = "error when trying to unlink previous UNIX socket";
62
- 			goto err_return;
63
- 		}
64
- 
65
- 		/* 3. backup existing socket */
66
- 		if (link(path, backname) < 0 && errno != ENOENT) {
67
-+			err |= ERR_FATAL | ERR_ALERT;
68
- 			msg = "error when trying to preserve previous UNIX socket";
69
- 			goto err_return;
70
- 		}
71
-@@ -231,24 +238,35 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
72
- 
73
- 	fd = socket(PF_UNIX, SOCK_STREAM, 0);
74
- 	if (fd < 0) {
75
-+		err |= ERR_FATAL | ERR_ALERT;
76
- 		msg = "cannot create UNIX socket";
77
- 		goto err_unlink_back;
78
- 	}
79
- 
80
-  fd_ready:
81
- 	if (fd >= global.maxsock) {
82
-+		err |= ERR_FATAL | ERR_ALERT;
83
- 		msg = "socket(): not enough free sockets, raise -n argument";
84
- 		goto err_unlink_temp;
85
- 	}
86
- 	
87
- 	if (fcntl(fd, F_SETFL, O_NONBLOCK) == -1) {
88
-+		err |= ERR_FATAL | ERR_ALERT;
89
- 		msg = "cannot make UNIX socket non-blocking";
90
- 		goto err_unlink_temp;
91
- 	}
92
- 	
93
- 	if (!ext && bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
94
- 		/* note that bind() creates the socket <tempname> on the file system */
95
--		msg = "cannot bind UNIX socket";
96
-+		if (errno == EADDRINUSE) {
97
-+			/* the old process might still own it, let's retry */
98
-+			err |= ERR_RETRYABLE | ERR_ALERT;
99
-+			msg = "cannot listen to socket";
100
-+		}
101
-+		else {
102
-+			err |= ERR_FATAL | ERR_ALERT;
103
-+			msg = "cannot bind UNIX socket";
104
-+		}
105
- 		goto err_unlink_temp;
106
- 	}
107
- 
108
-@@ -261,6 +279,7 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
109
- 	    (((listener->bind_conf->ux.uid != -1 || listener->bind_conf->ux.gid != -1) &&
110
- 	      (chown(tempname, listener->bind_conf->ux.uid, listener->bind_conf->ux.gid) == -1)) ||
111
- 	     (listener->bind_conf->ux.mode != 0 && chmod(tempname, listener->bind_conf->ux.mode) == -1))) {
112
-+		err |= ERR_FATAL | ERR_ALERT;
113
- 		msg = "cannot change UNIX socket ownership";
114
- 		goto err_unlink_temp;
115
- 	}
116
-@@ -272,6 +291,7 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
117
- 
118
- 	if (!(ext && ready) && /* only listen if not already done by external process */
119
- 	    listen(fd, listener->backlog ? listener->backlog : listener->maxconn) < 0) {
120
-+		err |= ERR_FATAL | ERR_ALERT;
121
- 		msg = "cannot listen to UNIX socket";
122
- 		goto err_unlink_temp;
123
- 	}
124
-@@ -281,6 +301,7 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
125
- 	 * backname. Abstract sockets are not renamed.
126
- 	 */
127
- 	if (!ext && path[0] && rename(tempname, path) < 0) {
128
-+		err |= ERR_FATAL | ERR_ALERT;
129
- 		msg = "cannot switch final and temporary UNIX sockets";
130
- 		goto err_rename;
131
- 	}
132
-@@ -303,7 +324,8 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
133
- 	fd_insert(fd);
134
- 	fdtab[fd].iocb = listener->proto->accept;
135
- 	fdtab[fd].owner = listener; /* reference the listener instead of a task */
136
--	return ERR_NONE;
137
-+	return err;
138
-+
139
-  err_rename:
140
- 	ret = rename(backname, path);
141
- 	if (ret < 0 && errno == ENOENT)
142
-@@ -322,7 +344,7 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
143
- 		else
144
- 			snprintf(errmsg, errlen, "%s [fd %d]", msg, fd);
145
- 	}
146
--	return ERR_FATAL | ERR_ALERT;
147
-+	return err;
148
- }
149
- 
150
- /* This function closes the UNIX sockets for the specified listener.
151
-1.8.5.5
152
-

+ 0
- 123
net/haproxy/patches/0016-MEDIUM-listener-implement-a-per-protocol-pause-funct.patch Просмотреть файл

@@ -1,124 +0,0 @@
1
-From d903bb345dcf6ed058ccf84f476f066b3dc08d47 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Mon, 7 Jul 2014 20:22:12 +0200
4
-Subject: [PATCH 16/21] MEDIUM: listener: implement a per-protocol pause()
5
- function
6
-
7
-In order to fix the abstact socket pause mechanism during soft restarts,
8
-we'll need to proceed differently depending on the socket protocol. The
9
-pause_listener() function already supports some protocol-specific handling
10
-for the TCP case.
11
-
12
-This commit makes this cleaner by adding a new ->pause() function to the
13
-protocol struct, which, if defined, may be used to pause a listener of a
14
-given protocol.
15
-
16
-For now, only TCP has been adapted, with the specific code moved from
17
-pause_listener() to tcp_pause_listener().
18
-(cherry picked from commit 092d865c53de80afc847c5ff0a079b414041ce2a)
19
----
20
- include/proto/proto_tcp.h |  1 +
21
- include/types/protocol.h  |  1 +
22
- src/listener.c            | 17 +++++++++--------
23
- src/proto_tcp.c           | 18 ++++++++++++++++++
24
- 4 files changed, 29 insertions(+), 8 deletions(-)
25
-
26
-diff --git a/include/proto/proto_tcp.h b/include/proto/proto_tcp.h
27
-index 4adf4d2..ac8b711 100644
28
---- a/include/proto/proto_tcp.h
29
-+++ b/include/proto/proto_tcp.h
30
-@@ -30,6 +30,7 @@
31
- int tcp_bind_socket(int fd, int flags, struct sockaddr_storage *local, struct sockaddr_storage *remote);
32
- void tcpv4_add_listener(struct listener *listener);
33
- void tcpv6_add_listener(struct listener *listener);
34
-+int tcp_pause_listener(struct listener *l);
35
- int tcp_connect_server(struct connection *conn, int data, int delack);
36
- int tcp_connect_probe(struct connection *conn);
37
- int tcp_get_src(int fd, struct sockaddr *sa, socklen_t salen, int dir);
38
-diff --git a/include/types/protocol.h b/include/types/protocol.h
39
-index e03692a..74b20e8 100644
40
---- a/include/types/protocol.h
41
-+++ b/include/types/protocol.h
42
-@@ -60,6 +60,7 @@ struct protocol {
43
- 	int (*get_src)(int fd, struct sockaddr *, socklen_t, int dir); /* syscall used to retrieve src addr */
44
- 	int (*get_dst)(int fd, struct sockaddr *, socklen_t, int dir); /* syscall used to retrieve dst addr */
45
- 	int (*drain)(int fd);                           /* indicates whether we can safely close the fd */
46
-+	int (*pause)(struct listener *l);               /* temporarily pause this listener for a soft restart */
47
- 
48
- 	struct list listeners;				/* list of listeners using this protocol */
49
- 	int nb_listeners;				/* number of listeners */
50
-diff --git a/src/listener.c b/src/listener.c
51
-index a82ce81..67f8ca7 100644
52
---- a/src/listener.c
53
-+++ b/src/listener.c
54
-@@ -95,15 +95,16 @@ int pause_listener(struct listener *l)
55
- 	if (l->state <= LI_PAUSED)
56
- 		return 1;
57
- 
58
--	if (l->proto->sock_prot == IPPROTO_TCP) {
59
--		if (shutdown(l->fd, SHUT_WR) != 0)
60
--			return 0; /* Solaris dies here */
61
--
62
--		if (listen(l->fd, l->backlog ? l->backlog : l->maxconn) != 0)
63
--			return 0; /* OpenBSD dies here */
64
-+	if (l->proto->pause) {
65
-+		/* Returns < 0 in case of failure, 0 if the listener
66
-+		 * was totally stopped, or > 0 if correctly paused.
67
-+		 */
68
-+		int ret = l->proto->pause(l);
69
- 
70
--		if (shutdown(l->fd, SHUT_RD) != 0)
71
--			return 0; /* should always be OK */
72
-+		if (ret < 0)
73
-+			return 0;
74
-+		else if (ret == 0)
75
-+			return 1;
76
- 	}
77
- 
78
- 	if (l->state == LI_LIMITED)
79
-diff --git a/src/proto_tcp.c b/src/proto_tcp.c
80
-index e9dbc9c..9778856 100644
81
---- a/src/proto_tcp.c
82
-+++ b/src/proto_tcp.c
83
-@@ -80,6 +80,7 @@ static struct protocol proto_tcpv4 = {
84
- 	.get_src = tcp_get_src,
85
- 	.get_dst = tcp_get_dst,
86
- 	.drain = tcp_drain,
87
-+	.pause = tcp_pause_listener,
88
- 	.listeners = LIST_HEAD_INIT(proto_tcpv4.listeners),
89
- 	.nb_listeners = 0,
90
- };
91
-@@ -102,6 +103,7 @@ static struct protocol proto_tcpv6 = {
92
- 	.get_src = tcp_get_src,
93
- 	.get_dst = tcp_get_dst,
94
- 	.drain = tcp_drain,
95
-+	.pause = tcp_pause_listener,
96
- 	.listeners = LIST_HEAD_INIT(proto_tcpv6.listeners),
97
- 	.nb_listeners = 0,
98
- };
99
-@@ -947,6 +949,22 @@ void tcpv6_add_listener(struct listener *listener)
100
- 	proto_tcpv6.nb_listeners++;
101
- }
102
- 
103
-+/* Pause a listener. Returns < 0 in case of failure, 0 if the listener
104
-+ * was totally stopped, or > 0 if correctly paused.
105
-+ */
106
-+int tcp_pause_listener(struct listener *l)
107
-+{
108
-+	if (shutdown(l->fd, SHUT_WR) != 0)
109
-+		return -1; /* Solaris dies here */
110
-+
111
-+	if (listen(l->fd, l->backlog ? l->backlog : l->maxconn) != 0)
112
-+		return -1; /* OpenBSD dies here */
113
-+
114
-+	if (shutdown(l->fd, SHUT_RD) != 0)
115
-+		return -1; /* should always be OK */
116
-+	return 1;
117
-+}
118
-+
119
- /* This function performs the TCP request analysis on the current request. It
120
-  * returns 1 if the processing can continue on next analysers, or zero if it
121
-  * needs more data, encounters an error, or wants to immediately abort the
122
-1.8.5.5
123
-

+ 0
- 47
net/haproxy/patches/0017-MEDIUM-listener-support-rebinding-during-resume.patch Просмотреть файл

@@ -1,48 +0,0 @@
1
-From ff12090bf067a1ddd56bed14cf27371cdf2e77cb Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Mon, 7 Jul 2014 21:06:24 +0200
4
-Subject: [PATCH 17/21] MEDIUM: listener: support rebinding during resume()
5
-
6
-When a listener resumes operations, supporting a full rebind makes it
7
-possible to perform a full stop as a pause(). This will be used for
8
-pausing abstract namespace unix sockets.
9
-(cherry picked from commit 1c4b814087189b4b0225a473b7cb0a844bc30839)
10
----
11
- src/listener.c | 18 +++++++++++++++++-
12
- 1 file changed, 17 insertions(+), 1 deletion(-)
13
-
14
-diff --git a/src/listener.c b/src/listener.c
15
-index 67f8ca7..11df69f 100644
16
---- a/src/listener.c
17
-+++ b/src/listener.c
18
-@@ -120,10 +120,26 @@ int pause_listener(struct listener *l)
19
-  * may replace enable_listener(). The resulting state will either be LI_READY
20
-  * or LI_FULL. 0 is returned in case of failure to resume (eg: dead socket).
21
-  * Listeners bound to a different process are not woken up unless we're in
22
-- * foreground mode.
23
-+ * foreground mode. If the listener was only in the assigned state, it's totally
24
-+ * rebound. This can happen if a pause() has completely stopped it. If the
25
-+ * resume fails, 0 is returned and an error might be displayed.
26
-  */
27
- int resume_listener(struct listener *l)
28
- {
29
-+	if (l->state == LI_ASSIGNED) {
30
-+		char msg[100];
31
-+		int err;
32
-+
33
-+		err = l->proto->bind(l, msg, sizeof(msg));
34
-+		if (err & ERR_ALERT)
35
-+			Alert("Resuming listener: %s\n", msg);
36
-+		else if (err & ERR_WARN)
37
-+			Warning("Resuming listener: %s\n", msg);
38
-+
39
-+		if (err & (ERR_FATAL | ERR_ABORT))
40
-+			return 0;
41
-+	}
42
-+
43
- 	if (l->state < LI_PAUSED)
44
- 		return 0;
45
- 
46
-1.8.5.5
47
-

+ 0
- 70
net/haproxy/patches/0018-BUG-MEDIUM-unix-completely-unbind-abstract-sockets-d.patch Просмотреть файл

@@ -1,71 +0,0 @@
1
-From 631a70f8baff6d26a2a6692ccd368de8d3948bf9 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Mon, 7 Jul 2014 21:07:51 +0200
4
-Subject: [PATCH 18/21] BUG/MEDIUM: unix: completely unbind abstract sockets
5
- during a pause()
6
-
7
-Abstract namespace sockets ignore the shutdown() call and do not make
8
-it possible to temporarily stop listening. The issue it causes is that
9
-during a soft reload, the new process cannot bind, complaining that the
10
-address is already in use.
11
-
12
-This change registers a new pause() function for unix sockets and
13
-completely unbinds the abstract ones since it's possible to rebind
14
-them later. It requires the two previous patches as well as preceeding
15
-fixes.
16
-
17
-This fix should be backported into 1.5 since the issue apperas there.
18
-(cherry picked from commit fd0e008d9d4db2f860b739bd28f6cd31d9aaf2b5)
19
----
20
- include/proto/proto_uxst.h |  1 +
21
- src/proto_uxst.c           | 15 +++++++++++++++
22
- 2 files changed, 16 insertions(+)
23
-
24
-diff --git a/include/proto/proto_uxst.h b/include/proto/proto_uxst.h
25
-index 9422ea7..8e796ec 100644
26
---- a/include/proto/proto_uxst.h
27
-+++ b/include/proto/proto_uxst.h
28
-@@ -27,6 +27,7 @@
29
- #include <types/task.h>
30
- 
31
- void uxst_add_listener(struct listener *listener);
32
-+int uxst_pause_listener(struct listener *l);
33
- int uxst_get_src(int fd, struct sockaddr *sa, socklen_t salen, int dir);
34
- int uxst_get_dst(int fd, struct sockaddr *sa, socklen_t salen, int dir);
35
- 
36
-diff --git a/src/proto_uxst.c b/src/proto_uxst.c
37
-index 409c659..adc1b46 100644
38
---- a/src/proto_uxst.c
39
-+++ b/src/proto_uxst.c
40
-@@ -68,6 +68,7 @@ static struct protocol proto_unix = {
41
- 	.disable_all = disable_all_listeners,
42
- 	.get_src = uxst_get_src,
43
- 	.get_dst = uxst_get_dst,
44
-+	.pause = uxst_pause_listener,
45
- 	.listeners = LIST_HEAD_INIT(proto_unix.listeners),
46
- 	.nb_listeners = 0,
47
- };
48
-@@ -373,6 +374,20 @@ void uxst_add_listener(struct listener *listener)
49
- 	proto_unix.nb_listeners++;
50
- }
51
- 
52
-+/* Pause a listener. Returns < 0 in case of failure, 0 if the listener
53
-+ * was totally stopped, or > 0 if correctly paused. Nothing is done for
54
-+ * plain unix sockets since currently it's the new process which handles
55
-+ * the renaming. Abstract sockets are completely unbound.
56
-+ */
57
-+int uxst_pause_listener(struct listener *l)
58
-+{
59
-+	if (((struct sockaddr_un *)&l->addr)->sun_path[0])
60
-+		return 1;
61
-+
62
-+	unbind_listener(l);
63
-+	return 0;
64
-+}
65
-+
66
- 
67
- /*
68
-  * This function initiates a UNIX connection establishment to the target assigned
69
-1.8.5.5
70
-

+ 0
- 39
net/haproxy/patches/0019-DOC-explicitly-mention-the-limits-of-abstract-namesp.patch Просмотреть файл

@@ -1,40 +0,0 @@
1
-From b4fca5dbf0cfe887b88d6213b014e2f73e02a5e6 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Tue, 8 Jul 2014 00:37:50 +0200
4
-Subject: [PATCH 19/21] DOC: explicitly mention the limits of abstract
5
- namespace sockets
6
-
7
-Listening to an abstract namespace socket is quite convenient but
8
-comes with some drawbacks that must be clearly understood when the
9
-socket is being listened to by multiple processes. The trouble is
10
-that the socket cannot be rebound if a new process attempts a soft
11
-restart and fails, so only one of the initially bound processes
12
-will still be bound to it, the other ones will fail to rebind. For
13
-most situations it's not an issue but it needs to be indicated.
14
-(cherry picked from commit 70f72e0c90691c72cb72306b718f785902270015)
15
----
16
- doc/configuration.txt | 8 +++++++-
17
- 1 file changed, 7 insertions(+), 1 deletion(-)
18
-
19
-diff --git a/doc/configuration.txt b/doc/configuration.txt
20
-index fcc6454..73195ba 100644
21
---- a/doc/configuration.txt
22
-+++ b/doc/configuration.txt
23
-@@ -1791,7 +1791,13 @@ bind /<path> [, ...] [param*]
24
-                     - 'ipv4@'  -> address is always IPv4
25
-                     - 'ipv6@'  -> address is always IPv6
26
-                     - 'unix@'  -> address is a path to a local unix socket
27
--                    - 'abns@'  -> address is in abstract namespace (Linux only)
28
-+                    - 'abns@'  -> address is in abstract namespace (Linux only).
29
-+                      Note: since abstract sockets are not "rebindable", they
30
-+                            do not cope well with multi-process mode during
31
-+                            soft-restart, so it is better to avoid them if
32
-+                            nbproc is greater than 1. The effect is that if the
33
-+                            new process fails to start, only one of the old ones
34
-+                            will be able to rebind to the socket.
35
-                     - 'fd@<n>' -> use file descriptor <n> inherited from the
36
-                       parent. The fd must be bound and may or may not already
37
-                       be listening.
38
-1.8.5.5
39
-

+ 0
- 197
net/haproxy/patches/0020-DOC-expand-the-docs-for-the-provided-stats.patch Просмотреть файл

@@ -1,198 +0,0 @@
1
-From 75c98ad211c9e1b7304033b9d3eb4fe552d725d2 Mon Sep 17 00:00:00 2001
2
-From: James Westby <james.westby@canonical.com>
3
-Date: Tue, 8 Jul 2014 10:14:57 -0400
4
-Subject: [PATCH 20/21] DOC: expand the docs for the provided stats.
5
-
6
-Indicate for each statistic which types may have a value for
7
-that statistic.
8
-
9
-Explain some of the provided statistics a little more deeply.
10
-(cherry picked from commit ebe62d645b45aa2210ef848fa16805a0aba7d75a)
11
----
12
- doc/configuration.txt | 163 +++++++++++++++++++++++++++++++-------------------
13
- 1 file changed, 100 insertions(+), 63 deletions(-)
14
-
15
-diff --git a/doc/configuration.txt b/doc/configuration.txt
16
-index 73195ba..8407500 100644
17
---- a/doc/configuration.txt
18
-+++ b/doc/configuration.txt
19
-@@ -13075,44 +13075,76 @@ text is doubled ('""'), which is the format that most tools recognize. Please
20
- do not insert any column before these ones in order not to break tools which
21
- use hard-coded column positions.
22
- 
23
--  0. pxname: proxy name
24
--  1. svname: service name (FRONTEND for frontend, BACKEND for backend, any name
25
--    for server)
26
--  2. qcur: current queued requests
27
--  3. qmax: max queued requests
28
--  4. scur: current sessions
29
--  5. smax: max sessions
30
--  6. slim: sessions limit
31
--  7. stot: total sessions
32
--  8. bin: bytes in
33
--  9. bout: bytes out
34
-- 10. dreq: denied requests
35
-- 11. dresp: denied responses
36
-- 12. ereq: request errors
37
-- 13. econ: connection errors
38
-- 14. eresp: response errors (among which srv_abrt)
39
-- 15. wretr: retries (warning)
40
-- 16. wredis: redispatches (warning)
41
-- 17. status: status (UP/DOWN/NOLB/MAINT/MAINT(via)...)
42
-- 18. weight: server weight (server), total weight (backend)
43
-- 19. act: server is active (server), number of active servers (backend)
44
-- 20. bck: server is backup (server), number of backup servers (backend)
45
-- 21. chkfail: number of failed checks
46
-- 22. chkdown: number of UP->DOWN transitions
47
-- 23. lastchg: last status change (in seconds)
48
-- 24. downtime: total downtime (in seconds)
49
-- 25. qlimit: queue limit
50
-- 26. pid: process id (0 for first instance, 1 for second, ...)
51
-- 27. iid: unique proxy id
52
-- 28. sid: service id (unique inside a proxy)
53
-- 29. throttle: warm up status
54
-- 30. lbtot: total number of times a server was selected
55
-- 31. tracked: id of proxy/server if tracking is enabled
56
-- 32. type (0=frontend, 1=backend, 2=server, 3=socket)
57
-- 33. rate: number of sessions per second over last elapsed second
58
-- 34. rate_lim: limit on new sessions per second
59
-- 35. rate_max: max number of new sessions per second
60
-- 36. check_status: status of last health check, one of:
61
-+In brackets after each field name are the types which may have a value for
62
-+that field. The types are L (Listeners), F (Frontends), B (Backends), and
63
-+S (Servers).
64
-+
65
-+  0. pxname [LFBS]: proxy name
66
-+  1. svname [LFBS]: service name (FRONTEND for frontend, BACKEND for backend,
67
-+     any name for server/listener)
68
-+  2. qcur [..BS]: current queued requests. For the backend this reports the
69
-+     number queued without a server assigned.
70
-+  3. qmax [..BS]: max value of qcur
71
-+  4. scur [LFBS]: current sessions
72
-+  5. smax [LFBS]: max sessions
73
-+  6. slim [LFBS]: configured session limit
74
-+  7. stot [LFBS]: cumulative number of connections
75
-+  8. bin [LFBS]: bytes in
76
-+  9. bout [LFBS]: bytes out
77
-+ 10. dreq [LFB.]: requests denied because of security concerns.
78
-+     - For tcp this is because of a matched tcp-request content rule.
79
-+     - For http this is because of a matched http-request or tarpit rule.
80
-+ 11. dresp [LFBS]: responses denied because of security concerns.
81
-+     - For http this is because of a matched http-request rule, or
82
-+       "option checkcache".
83
-+ 12. ereq [LF..]: request errors. Some of the possible causes are:
84
-+     - early termination from the client, before the request has been sent.
85
-+     - read error from the client
86
-+     - client timeout
87
-+     - client closed connection
88
-+     - various bad requests from the client.
89
-+     - request was tarpitted.
90
-+ 13. econ [..BS]: number of requests that encountered an error trying to
91
-+     connect to a backend server. The backend stat is the sum of the stat
92
-+     for all servers of that backend, plus any connection errors not
93
-+     associated with a particular server (such as the backend having no
94
-+     active servers).
95
-+ 14. eresp [..BS]: response errors. srv_abrt will be counted here also.
96
-+     Some other errors are:
97
-+     - write error on the client socket (won't be counted for the server stat)
98
-+     - failure applying filters to the response.
99
-+ 15. wretr [..BS]: number of times a connection to a server was retried.
100
-+ 16. wredis [..BS]: number of times a request was redispatched to another
101
-+     server. The server value counts the number of times that server was
102
-+     switched away from.
103
-+ 17. status [LFBS]: status (UP/DOWN/NOLB/MAINT/MAINT(via)...)
104
-+ 18. weight [..BS]: server weight (server), total weight (backend)
105
-+ 19. act [..BS]: server is active (server), number of active servers (backend)
106
-+ 20. bck [..BS]: server is backup (server), number of backup servers (backend)
107
-+ 21. chkfail [...S]: number of failed checks. (Only counts checks failed when
108
-+     the server is up.)
109
-+ 22. chkdown [..BS]: number of UP->DOWN transitions. The backend counter counts
110
-+     transitions to the whole backend being down, rather than the sum of the
111
-+     counters for each server.
112
-+ 23. lastchg [..BS]: number of seconds since the last UP<->DOWN transition
113
-+ 24. downtime [..BS]: total downtime (in seconds). The value for the backend
114
-+     is the downtime for the whole backend, not the sum of the server downtime.
115
-+ 25. qlimit [...S]: configured maxqueue for the server, or nothing in the
116
-+     value is 0 (default, meaning no limit)
117
-+ 26. pid [LFBS]: process id (0 for first instance, 1 for second, ...)
118
-+ 27. iid [LFBS]: unique proxy id
119
-+ 28. sid [L..S]: server id (unique inside a proxy)
120
-+ 29. throttle [...S]: current throttle percentage for the server, when
121
-+     slowstart is active, or no value if not in slowstart.
122
-+ 30. lbtot [..BS]: total number of times a server was selected, either for new
123
-+     sessions, or when re-dispatching. The server counter is the number
124
-+     of times that server was selected.
125
-+ 31. tracked [...S]: id of proxy/server if tracking is enabled.
126
-+ 32. type [LFBS]: (0=frontend, 1=backend, 2=server, 3=socket/listener)
127
-+ 33. rate [.FBS]: number of sessions per second over last elapsed second
128
-+ 34. rate_lim [.F..]: configured limit on new sessions per second
129
-+ 35. rate_max [.FBS]: max number of new sessions per second
130
-+ 36. check_status [...S]: status of last health check, one of:
131
-         UNK     -> unknown
132
-         INI     -> initializing
133
-         SOCKERR -> socket error
134
-@@ -13129,31 +13161,36 @@ use hard-coded column positions.
135
-         L7TOUT  -> layer 7 (HTTP/SMTP) timeout
136
-         L7RSP   -> layer 7 invalid response - protocol error
137
-         L7STS   -> layer 7 response error, for example HTTP 5xx
138
-- 37. check_code: layer5-7 code, if available
139
-- 38. check_duration: time in ms took to finish last health check
140
-- 39. hrsp_1xx: http responses with 1xx code
141
-- 40. hrsp_2xx: http responses with 2xx code
142
-- 41. hrsp_3xx: http responses with 3xx code
143
-- 42. hrsp_4xx: http responses with 4xx code
144
-- 43. hrsp_5xx: http responses with 5xx code
145
-- 44. hrsp_other: http responses with other codes (protocol error)
146
-- 45. hanafail: failed health checks details
147
-- 46. req_rate: HTTP requests per second over last elapsed second
148
-- 47. req_rate_max: max number of HTTP requests per second observed
149
-- 48. req_tot: total number of HTTP requests received
150
-- 49. cli_abrt: number of data transfers aborted by the client
151
-- 50. srv_abrt: number of data transfers aborted by the server (inc. in eresp)
152
-- 51. comp_in: number of HTTP response bytes fed to the compressor
153
-- 52. comp_out: number of HTTP response bytes emitted by the compressor
154
-- 53. comp_byp: number of bytes that bypassed the HTTP compressor (CPU/BW limit)
155
-- 54. comp_rsp: number of HTTP responses that were compressed
156
-- 55. lastsess: number of seconds since last session assigned to server/backend
157
-- 56. last_chk: last health check contents or textual error
158
-- 57. last_agt: last agent check contents or textual error
159
-- 58. qtime: the average queue time in ms over the 1024 last requests
160
-- 59. ctime: the average connect time in ms over the 1024 last requests
161
-- 60. rtime: the average response time in ms over the 1024 last requests (0 for TCP)
162
-- 61. ttime: the average total session time in ms over the 1024 last requests
163
-+ 37. check_code [...S]: layer5-7 code, if available
164
-+ 38. check_duration [...S]: time in ms took to finish last health check
165
-+ 39. hrsp_1xx [.FBS]: http responses with 1xx code
166
-+ 40. hrsp_2xx [.FBS]: http responses with 2xx code
167
-+ 41. hrsp_3xx [.FBS]: http responses with 3xx code
168
-+ 42. hrsp_4xx [.FBS]: http responses with 4xx code
169
-+ 43. hrsp_5xx [.FBS]: http responses with 5xx code
170
-+ 44. hrsp_other [.FBS]: http responses with other codes (protocol error)
171
-+ 45. hanafail [...S]: failed health checks details
172
-+ 46. req_rate [.F..]: HTTP requests per second over last elapsed second
173
-+ 47. req_rate_max [.F..]: max number of HTTP requests per second observed
174
-+ 48. req_tot [.F..]: total number of HTTP requests received
175
-+ 49. cli_abrt [..BS]: number of data transfers aborted by the client
176
-+ 50. srv_abrt [..BS]: number of data transfers aborted by the server
177
-+     (inc. in eresp)
178
-+ 51. comp_in [.FB.]: number of HTTP response bytes fed to the compressor
179
-+ 52. comp_out [.FB.]: number of HTTP response bytes emitted by the compressor
180
-+ 53. comp_byp [.FB.]: number of bytes that bypassed the HTTP compressor
181
-+     (CPU/BW limit)
182
-+ 54. comp_rsp [.FB.]: number of HTTP responses that were compressed
183
-+ 55. lastsess [..BS]: number of seconds since last session assigned to
184
-+     server/backend
185
-+ 56. last_chk [...S]: last health check contents or textual error
186
-+ 57. last_agt [...S]: last agent check contents or textual error
187
-+ 58. qtime [..BS]: the average queue time in ms over the 1024 last requests
188
-+ 59. ctime [..BS]: the average connect time in ms over the 1024 last requests
189
-+ 60. rtime [..BS]: the average response time in ms over the 1024 last requests
190
-+     (0 for TCP)
191
-+ 61. ttime [..BS]: the average total session time in ms over the 1024 last
192
-+     requests
193
- 
194
- 
195
- 9.2. Unix Socket commands
196
-1.8.5.5
197
-

+ 0
- 137
net/haproxy/patches/0021-BUG-MEDIUM-backend-Update-hash-to-use-unsigned-int-t.patch Просмотреть файл

@@ -1,138 +0,0 @@
1
-From 82456753cae9200aa1f4031f64c22c08e130f072 Mon Sep 17 00:00:00 2001
2
-From: Dan Dubovik <ddubovik@godaddy.com>
3
-Date: Tue, 8 Jul 2014 08:51:03 -0700
4
-Subject: [PATCH 21/21] BUG/MEDIUM: backend: Update hash to use unsigned int
5
- throughout
6
-
7
-When we were generating a hash, it was done using an unsigned long.  When the hash was used
8
-to select a backend, it was sent as an unsigned int.  This made it difficult to predict which
9
-backend would be selected.
10
-
11
-This patch updates get_hash, and the hash methods to use an unsigned int, to remain consistent
12
-throughout the codebase.
13
-
14
-This fix should be backported to 1.5 and probably in part to 1.4.
15
-(cherry picked from commit bd57a9f977f60fcf7818f462953da3740e3bd010)
16
----
17
- include/common/hash.h |  6 +++---
18
- src/backend.c         | 14 +++++++-------
19
- src/hash.c            | 10 +++++-----
20
- 3 files changed, 15 insertions(+), 15 deletions(-)
21
-
22
-diff --git a/include/common/hash.h b/include/common/hash.h
23
-index 379bf89..7039ba5 100644
24
---- a/include/common/hash.h
25
-+++ b/include/common/hash.h
26
-@@ -22,8 +22,8 @@
27
- #ifndef _COMMON_HASH_H_
28
- #define _COMMON_HASH_H_
29
- 
30
--unsigned long hash_djb2(const char *key, int len);
31
--unsigned long hash_wt6(const char *key, int len);
32
--unsigned long hash_sdbm(const char *key, int len);
33
-+unsigned int hash_djb2(const char *key, int len);
34
-+unsigned int hash_wt6(const char *key, int len);
35
-+unsigned int hash_sdbm(const char *key, int len);
36
- 
37
- #endif /* _COMMON_HASH_H_ */
38
-diff --git a/src/backend.c b/src/backend.c
39
-index 5ddb88c..a96b767 100644
40
---- a/src/backend.c
41
-+++ b/src/backend.c
42
-@@ -63,9 +63,9 @@ int be_lastsession(const struct proxy *be)
43
- }
44
- 
45
- /* helper function to invoke the correct hash method */
46
--static unsigned long gen_hash(const struct proxy* px, const char* key, unsigned long len)
47
-+static unsigned int gen_hash(const struct proxy* px, const char* key, unsigned long len)
48
- {
49
--	unsigned long hash;
50
-+	unsigned int hash;
51
- 
52
- 	switch (px->lbprm.algo & BE_LB_HASH_FUNC) {
53
- 	case BE_LB_HFCN_DJB2:
54
-@@ -183,7 +183,7 @@ struct server *get_server_sh(struct proxy *px, const char *addr, int len)
55
-  */
56
- struct server *get_server_uh(struct proxy *px, char *uri, int uri_len)
57
- {
58
--	unsigned long hash = 0;
59
-+	unsigned int hash = 0;
60
- 	int c;
61
- 	int slashes = 0;
62
- 	const char *start, *end;
63
-@@ -232,7 +232,7 @@ struct server *get_server_uh(struct proxy *px, char *uri, int uri_len)
64
-  */
65
- struct server *get_server_ph(struct proxy *px, const char *uri, int uri_len)
66
- {
67
--	unsigned long hash = 0;
68
-+	unsigned int hash = 0;
69
- 	const char *start, *end;
70
- 	const char *p;
71
- 	const char *params;
72
-@@ -294,7 +294,7 @@ struct server *get_server_ph(struct proxy *px, const char *uri, int uri_len)
73
-  */
74
- struct server *get_server_ph_post(struct session *s)
75
- {
76
--	unsigned long    hash = 0;
77
-+	unsigned int hash = 0;
78
- 	struct http_txn *txn  = &s->txn;
79
- 	struct channel   *req = s->req;
80
- 	struct http_msg *msg  = &txn->req;
81
-@@ -372,7 +372,7 @@ struct server *get_server_ph_post(struct session *s)
82
-  */
83
- struct server *get_server_hh(struct session *s)
84
- {
85
--	unsigned long    hash = 0;
86
-+	unsigned int hash = 0;
87
- 	struct http_txn *txn  = &s->txn;
88
- 	struct proxy    *px   = s->be;
89
- 	unsigned int     plen = px->hh_len;
90
-@@ -444,7 +444,7 @@ struct server *get_server_hh(struct session *s)
91
- /* RDP Cookie HASH.  */
92
- struct server *get_server_rch(struct session *s)
93
- {
94
--	unsigned long    hash = 0;
95
-+	unsigned int hash = 0;
96
- 	struct proxy    *px   = s->be;
97
- 	unsigned long    len;
98
- 	int              ret;
99
-diff --git a/src/hash.c b/src/hash.c
100
-index 034685e..aa236cb 100644
101
---- a/src/hash.c
102
-+++ b/src/hash.c
103
-@@ -17,7 +17,7 @@
104
- #include <common/hash.h>
105
- 
106
- 
107
--unsigned long hash_wt6(const char *key, int len)
108
-+unsigned int hash_wt6(const char *key, int len)
109
- {
110
- 	unsigned h0 = 0xa53c965aUL;
111
- 	unsigned h1 = 0x5ca6953aUL;
112
-@@ -44,9 +44,9 @@ unsigned long hash_wt6(const char *key, int len)
113
- 	return h0 ^ h1;
114
- }
115
- 
116
--unsigned long hash_djb2(const char *key, int len)
117
-+unsigned int hash_djb2(const char *key, int len)
118
- {
119
--	unsigned long hash = 5381;
120
-+	unsigned int hash = 5381;
121
- 
122
- 	/* the hash unrolled eight times */
123
- 	for (; len >= 8; len -= 8) {
124
-@@ -72,9 +72,9 @@ unsigned long hash_djb2(const char *key, int len)
125
- 	return hash;
126
- }
127
- 
128
--unsigned long hash_sdbm(const char *key, int len)
129
-+unsigned int hash_sdbm(const char *key, int len)
130
- {
131
--	unsigned long hash = 0;
132
-+	unsigned int hash = 0;
133
- 	int c;
134
- 
135
- 	while (len--) {
136
-1.8.5.5
137
-

+ 0
- 74
net/haproxy/patches/0022-DOC-minor-fix-on-sc-src-_kbytes_-in-out.patch Просмотреть файл

@@ -1,75 +0,0 @@
1
-From 911780c5f0e20760164cb0f9b92318185651237c Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Thu, 10 Jul 2014 15:29:24 +0200
4
-Subject: [PATCH 22/25] DOC: minor fix on {sc,src}_kbytes_{in,out}
5
-
6
-These ones report total amount of bytes, not byte rates.
7
-This fix should be backported into 1.5 which has the same error.
8
-(cherry picked from commit a01b974d5f5a067d99f288dcb3e05b78fe780a76)
9
----
10
- doc/configuration.txt | 35 ++++++++++++++++-------------------
11
- 1 file changed, 16 insertions(+), 19 deletions(-)
12
-
13
-diff --git a/doc/configuration.txt b/doc/configuration.txt
14
-index 8407500..b6d1b3b 100644
15
---- a/doc/configuration.txt
16
-+++ b/doc/configuration.txt
17
-@@ -10386,19 +10386,17 @@ sc_kbytes_in(<ctr>[,<table>]) : integer
18
- sc0_kbytes_in([<table>]) : integer
19
- sc1_kbytes_in([<table>]) : integer
20
- sc2_kbytes_in([<table>]) : integer
21
--  Returns the amount of client-to-server data from the currently tracked
22
--  counters, measured in kilobytes over the period configured in the table. The
23
--  test is currently performed on 32-bit integers, which limits values to 4
24
--  terabytes. See also src_kbytes_in.
25
-+  Returns the total amount of client-to-server data from the currently tracked
26
-+  counters, measured in kilobytes. The test is currently performed on 32-bit
27
-+  integers, which limits values to 4 terabytes. See also src_kbytes_in.
28
- 
29
- sc_kbytes_out(<ctr>[,<table>]) : integer
30
- sc0_kbytes_out([<table>]) : integer
31
- sc1_kbytes_out([<table>]) : integer
32
- sc2_kbytes_out([<table>]) : integer
33
--  Returns the amount of server-to-client data from the currently tracked
34
--  counters, measured in kilobytes over the period configured in the table. The
35
--  test is currently performed on 32-bit integers, which limits values to 4
36
--  terabytes. See also src_kbytes_out.
37
-+  Returns the total amount of server-to-client data from the currently tracked
38
-+  counters, measured in kilobytes. The test is currently performed on 32-bit
39
-+  integers, which limits values to 4 terabytes. See also src_kbytes_out.
40
- 
41
- sc_sess_cnt(<ctr>[,<table>]) : integer
42
- sc0_sess_cnt([<table>]) : integer
43
-@@ -10562,19 +10560,18 @@ src_inc_gpc0([<table>]) : integer
44
-         tcp-request connection reject if abuse kill
45
- 
46
- src_kbytes_in([<table>]) : integer
47
--  Returns the amount of data received from the incoming connection's source
48
--  address in the current proxy's stick-table or in the designated stick-table,
49
--  measured in kilobytes over the period configured in the table. If the address
50
--  is not found, zero is returned. The test is currently performed on 32-bit
51
--  integers, which limits values to 4 terabytes. See also
52
--  sc/sc0/sc1/sc2_kbytes_in.
53
-+  Returns the total amount of data received from the incoming connection's
54
-+  source address in the current proxy's stick-table or in the designated
55
-+  stick-table, measured in kilobytes. If the address is not found, zero is
56
-+  returned. The test is currently performed on 32-bit integers, which limits
57
-+  values to 4 terabytes. See also sc/sc0/sc1/sc2_kbytes_in.
58
- 
59
- src_kbytes_out([<table>]) : integer
60
--  Returns the amount of data sent to the incoming connection's source address
61
--  in the current proxy's stick-table or in the designated stick-table, measured
62
--  in kilobytes over the period configured in the table. If the address is not
63
--  found, zero is returned. The test is currently performed on 32-bit integers,
64
--  which limits values to 4 terabytes. See also sc/sc0/sc1/sc2_kbytes_out.
65
-+  Returns the total amount of data sent to the incoming connection's source
66
-+  address in the current proxy's stick-table or in the designated stick-table,
67
-+  measured in kilobytes. If the address is not found, zero is returned. The
68
-+  test is currently performed on 32-bit integers, which limits values to 4
69
-+  terabytes. See also sc/sc0/sc1/sc2_kbytes_out.
70
- 
71
- src_port : integer
72
-   Returns an integer value corresponding to the TCP source port of the
73
-1.8.5.5
74
-

+ 0
- 83
net/haproxy/patches/0023-DOC-fix-alphabetical-sort-of-converters.patch Просмотреть файл

@@ -1,84 +0,0 @@
1
-From 644d9ef5af4f8010412007374c345f7465c97391 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Thu, 10 Jul 2014 16:29:08 +0200
4
-Subject: [PATCH 23/25] DOC: fix alphabetical sort of converters
5
-
6
-For an unknown reason, these ones were not sorted.
7
-(cherry picked from commit ffcb2e4b42acd710121a57eb39651a373d904e5b)
8
----
9
- doc/configuration.txt | 32 ++++++++++++++++----------------
10
- 1 file changed, 16 insertions(+), 16 deletions(-)
11
-
12
-diff --git a/doc/configuration.txt b/doc/configuration.txt
13
-index b6d1b3b..f8199b9 100644
14
---- a/doc/configuration.txt
15
-+++ b/doc/configuration.txt
16
-@@ -9887,28 +9887,12 @@ base64
17
-   transfer binary content in a way that can be reliably transferred (eg:
18
-   an SSL ID can be copied in a header).
19
- 
20
--lower
21
--  Convert a string sample to lower case. This can only be placed after a string
22
--  sample fetch function or after a transformation keyword returning a string
23
--  type. The result is of type string.
24
--
25
--upper
26
--  Convert a string sample to upper case. This can only be placed after a string
27
--  sample fetch function or after a transformation keyword returning a string
28
--  type. The result is of type string.
29
--
30
- hex
31
-   Converts a binary input sample to an hex string containing two hex digits per
32
-   input byte. It is used to log or transfer hex dumps of some binary input data
33
-   in a way that can be reliably transferred (eg: an SSL ID can be copied in a
34
-   header).
35
- 
36
--ipmask(<mask>)
37
--  Apply a mask to an IPv4 address, and use the result for lookups and storage.
38
--  This can be used to make all hosts within a certain mask to share the same
39
--  table entries and as such use the same server. The mask can be passed in
40
--  dotted form (eg: 255.255.255.0) or in CIDR form (eg: 24).
41
--
42
- http_date([<offset>])
43
-   Converts an integer supposed to contain a date since epoch to a string
44
-   representing this date in a format suitable for use in HTTP header fields. If
45
-@@ -9917,6 +9901,12 @@ http_date([<offset>])
46
-   emit Date header fields, Expires values in responses when combined with a
47
-   positive offset, or Last-Modified values when the offset is negative.
48
- 
49
-+ipmask(<mask>)
50
-+  Apply a mask to an IPv4 address, and use the result for lookups and storage.
51
-+  This can be used to make all hosts within a certain mask to share the same
52
-+  table entries and as such use the same server. The mask can be passed in
53
-+  dotted form (eg: 255.255.255.0) or in CIDR form (eg: 24).
54
-+
55
- language(<value>[,<default>])
56
-   Returns the value with the highest q-factor from a list as extracted from the
57
-   "accept-language" header using "req.fhdr". Values with no q-factor have a
58
-@@ -9944,6 +9934,11 @@ language(<value>[,<default>])
59
-     use_backend english if en
60
-     default_backend choose_your_language
61
- 
62
-+lower
63
-+  Convert a string sample to lower case. This can only be placed after a string
64
-+  sample fetch function or after a transformation keyword returning a string
65
-+  type. The result is of type string.
66
-+
67
- map(<map_file>[,<default_value>])
68
- map_<match_type>(<map_file>[,<default_value>])
69
- map_<match_type>_<output_type>(<map_file>[,<default_value>])
70
-@@ -10001,6 +9996,11 @@ map_<match_type>_<output_type>(<map_file>[,<default_value>])
71
-       |       `---------------------------- key
72
-       `------------------------------------ leading spaces ignored
73
- 
74
-+upper
75
-+  Convert a string sample to upper case. This can only be placed after a string
76
-+  sample fetch function or after a transformation keyword returning a string
77
-+  type. The result is of type string.
78
-+
79
- 
80
- 7.3.2. Fetching samples from internal states
81
- --------------------------------------------
82
-1.8.5.5
83
-

+ 0
- 166
net/haproxy/patches/0024-BUG-MAJOR-http-correctly-rewind-the-request-body-aft.patch Просмотреть файл

@@ -1,167 +0,0 @@
1
-From 5bebcd06287be9024f0fba25f350393f02e050c1 Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Thu, 10 Jul 2014 19:06:10 +0200
4
-Subject: [PATCH 24/25] BUG/MAJOR: http: correctly rewind the request body
5
- after start of forwarding
6
-
7
-Daniel Dubovik reported an interesting bug showing that the request body
8
-processing was still not 100% fixed. If a POST request contained short
9
-enough data to be forwarded at once before trying to establish the
10
-connection to the server, we had no way to correctly rewind the body.
11
-
12
-The first visible case is that balancing on a header does not always work
13
-on such POST requests since the header cannot be found. But there are even
14
-nastier implications which are that http-send-name-header would apply to
15
-the wrong location and possibly even affect part of the request's body
16
-due to an incorrect rewinding.
17
-
18
-There are two options to fix the problem :
19
-  - first one is to force the HTTP_MSG_F_WAIT_CONN flag on all hash-based
20
-    balancing algorithms and http-send-name-header, but there's always a
21
-    risk that any new algorithm forgets to set it ;
22
-
23
-  - the second option is to account for the amount of skipped data before
24
-    the connection establishes so that we always know the position of the
25
-    request's body relative to the buffer's origin.
26
-
27
-The second option is much more reliable and fits very well in the spirit
28
-of the past changes to fix forwarding. Indeed, at the moment we have
29
-msg->sov which points to the start of the body before headers are forwarded
30
-and which equals zero afterwards (so it still points to the start of the
31
-body before forwarding data). A minor change consists in always making it
32
-point to the start of the body even after data have been forwarded. It means
33
-that it can get a negative value (so we need to change its type to signed)..
34
-
35
-In order to avoid wrapping, we only do this as long as the other side of
36
-the buffer is not connected yet.
37
-
38
-Doing this definitely fixes the issues above for the requests. Since the
39
-response cannot be rewound we don't need to perform any change there.
40
-
41
-This bug was introduced/remained unfixed in 1.5-dev23 so the fix must be
42
-backported to 1.5.
43
-(cherry picked from commit bb2e669f9e73531ac9cc9277b40066b701eec918)
44
----
45
- doc/internals/body-parsing.txt | 20 +++++++++++++-------
46
- include/types/proto_http.h     | 11 ++++++-----
47
- src/proto_http.c               |  9 +++++++--
48
- 3 files changed, 26 insertions(+), 14 deletions(-)
49
-
50
-diff --git a/doc/internals/body-parsing.txt b/doc/internals/body-parsing.txt
51
-index e9c8b4b..5baa549 100644
52
---- a/doc/internals/body-parsing.txt
53
-+++ b/doc/internals/body-parsing.txt
54
-@@ -67,12 +67,17 @@ msg.next : points to the next byte to inspect. This offset is automatically
55
-            automatically adjusted to the number of bytes already inspected.
56
- 
57
- msg.sov  : start of value. First character of the header's value in the header
58
--           states, start of the body in the data states until headers are
59
--           forwarded. This offset is automatically adjusted when inserting or
60
--           removing some headers. In data states, it always constains the size
61
--           of the whole HTTP headers (including the trailing CRLF) that needs
62
--           to be forwarded before the first byte of body. Once the headers are
63
--           forwarded, this value drops to zero.
64
-+           states, start of the body in the data states. Strictly positive
65
-+           values indicate that headers were not forwarded yet (<buf.p> is
66
-+           before the start of the body), and null or positive values are seen
67
-+           after headers are forwarded (<buf.p> is at or past the start of the
68
-+           body). The value stops changing when data start to leave the buffer
69
-+           (in order to avoid integer overflows). So the maximum possible range
70
-+           is -<buf.size> to +<buf.size>. This offset is automatically adjusted
71
-+           when inserting or removing some headers. It is useful to rewind the
72
-+           request buffer to the beginning of the body at any phase. The
73
-+           response buffer does not really use it since it is immediately
74
-+           forwarded to the client.
75
- 
76
- msg.sol  : start of line. Points to the beginning of the current header line
77
-            while parsing headers. It is cleared to zero in the BODY state,
78
-@@ -97,7 +102,8 @@ msg.eol  : end of line. Points to the CRLF or LF of the current header line
79
-            states nor by forwarding.
80
- 
81
- The beginning of the message headers can always be found this way even after
82
--headers have been forwarded :
83
-+headers or data have been forwarded, provided that everything is still present
84
-+in the buffer :
85
- 
86
-             headers = buf.p + msg->sov - msg->eoh - msg->eol
87
- 
88
-diff --git a/include/types/proto_http.h b/include/types/proto_http.h
89
-index 12e1141..c53c7fd 100644
90
---- a/include/types/proto_http.h
91
-+++ b/include/types/proto_http.h
92
-@@ -329,7 +329,8 @@ enum {
93
-  * message or a response message.
94
-  *
95
-  * The values there are a little bit obscure, because their meaning can change
96
-- * during the parsing :
97
-+ * during the parsing. Please read carefully doc/internal/body-parsing.txt if
98
-+ * you need to manipulate them. Quick reminder :
99
-  *
100
-  *  - eoh (End of Headers)   : relative offset in the buffer of first byte that
101
-  *                             is not part of a completely processed header.
102
-@@ -344,9 +345,9 @@ enum {
103
-  *  - sov (start of value)   : Before HTTP_MSG_BODY, points to the value of
104
-  *                             the header being parsed. Starting from
105
-  *                             HTTP_MSG_BODY, will point to the start of the
106
-- *                             body (relative to buffer's origin), or to data
107
-- *                             following a chunk size. Thus <sov> bytes of
108
-- *                             headers will have to be sent only once.
109
-+ *                             body (relative to buffer's origin). It can be
110
-+ *                             negative when forwarding data. It stops growing
111
-+ *                             once data start to leave the buffer.
112
-  *
113
-  *  - next (parse pointer)   : next relative byte to be parsed. Always points
114
-  *                             to a byte matching the current state.
115
-@@ -372,7 +373,7 @@ struct http_msg {
116
- 	/* 6 bytes unused here */
117
- 	struct channel *chn;                   /* pointer to the channel transporting the message */
118
- 	unsigned int next;                     /* pointer to next byte to parse, relative to buf->p */
119
--	unsigned int sov;                      /* current header: start of value */
120
-+	int sov;                               /* current header: start of value ; data: start of body */
121
- 	unsigned int eoh;                      /* End Of Headers, relative to buffer */
122
- 	unsigned int sol;                      /* start of current line during parsing otherwise zero */
123
- 	unsigned int eol;                      /* end of line */
124
-diff --git a/src/proto_http.c b/src/proto_http.c
125
-index 4a862b0..94afed7 100644
126
---- a/src/proto_http.c
127
-+++ b/src/proto_http.c
128
-@@ -5315,7 +5315,7 @@ int http_request_forward_body(struct session *s, struct channel *req, int an_bit
129
- 	 * an "Expect: 100-continue" header.
130
- 	 */
131
- 
132
--	if (msg->sov) {
133
-+	if (msg->sov > 0) {
134
- 		/* we have msg->sov which points to the first byte of message
135
- 		 * body, and req->buf.p still points to the beginning of the
136
- 		 * message. We forward the headers now, as we don't need them
137
-@@ -5429,6 +5429,8 @@ int http_request_forward_body(struct session *s, struct channel *req, int an_bit
138
- 			 * such as last chunk of data or trailers.
139
- 			 */
140
- 			b_adv(req->buf, msg->next);
141
-+			if (unlikely(!(s->rep->flags & CF_READ_ATTACHED)))
142
-+				msg->sov -= msg->next;
143
- 			msg->next = 0;
144
- 
145
- 			/* for keep-alive we don't want to forward closes on DONE */
146
-@@ -5479,6 +5481,9 @@ int http_request_forward_body(struct session *s, struct channel *req, int an_bit
147
-  missing_data:
148
- 	/* we may have some pending data starting at req->buf->p */
149
- 	b_adv(req->buf, msg->next);
150
-+	if (unlikely(!(s->rep->flags & CF_READ_ATTACHED)))
151
-+		msg->sov -= msg->next + MIN(msg->chunk_len, req->buf->i);
152
-+
153
- 	msg->next = 0;
154
- 	msg->chunk_len -= channel_forward(req, msg->chunk_len);
155
- 
156
-@@ -6493,7 +6498,7 @@ int http_response_forward_body(struct session *s, struct channel *res, int an_bi
157
- 	/* in most states, we should abort in case of early close */
158
- 	channel_auto_close(res);
159
- 
160
--	if (msg->sov) {
161
-+	if (msg->sov > 0) {
162
- 		/* we have msg->sov which points to the first byte of message
163
- 		 * body, and res->buf.p still points to the beginning of the
164
- 		 * message. We forward the headers now, as we don't need them
165
-1.8.5.5
166
-

+ 0
- 47
net/haproxy/patches/0025-DOC-remove-references-to-CPU-native-in-the-README.patch Просмотреть файл

@@ -1,48 +0,0 @@
1
-From 94fb38fbb77e664e4f41343257a26ae5bab40d1d Mon Sep 17 00:00:00 2001
2
-From: Willy Tarreau <w@1wt.eu>
3
-Date: Thu, 10 Jul 2014 20:24:25 +0200
4
-Subject: [PATCH 25/25] DOC: remove references to CPU=native in the README
5
-
6
-Certain compilers running in virtualized environments may produce code
7
-that the same processor cannot execute with -march=native, either because
8
-of hypervisor bugs reporting wrong CPU features, or because of compiler
9
-bugs forgetting to check CPU features. So better stop recommending this
10
-combination so that users don't get trapped anymore.
11
-(cherry picked from commit 817dad50b02d1a82d495dfea4eab9e3a91127391)
12
----
13
- README | 9 +++++----
14
- 1 file changed, 5 insertions(+), 4 deletions(-)
15
-
16
-diff --git a/README b/README
17
-index 0ef0179..e2b8570 100644
18
---- a/README
19
-+++ b/README
20
-@@ -53,8 +53,9 @@ one of the following choices to the CPU variable :
21
-   - i686 for intel PentiumPro, Pentium 2 and above, AMD Athlon
22
-   - i586 for intel Pentium, AMD K6, VIA C3.
23
-   - ultrasparc : Sun UltraSparc I/II/III/IV processor
24
--  - native : use the build machine's specific processor optimizations
25
--  - generic : any other processor or no specific optimization. (default)
26
-+  - native : use the build machine's specific processor optimizations. Use with
27
-+    extreme care, and never in virtualized environments (known to break).
28
-+  - generic : any other processor or no CPU-specific optimization. (default)
29
- 
30
- Alternatively, you may just set the CPU_CFLAGS value to the optimal GCC options
31
- for your platform.
32
-@@ -132,11 +133,11 @@ And I build it this way on OpenBSD or FreeBSD :
33
- 
34
- And on a classic Linux with SSL and ZLIB support (eg: Red Hat 5.x) :
35
- 
36
--    $ make TARGET=linux26 CPU=native USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
37
-+    $ make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
38
- 
39
- And on a recent Linux >= 2.6.28 with SSL and ZLIB support :
40
- 
41
--    $ make TARGET=linux2628 CPU=native USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
42
-+    $ make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
43
- 
44
- In order to build a 32-bit binary on an x86_64 Linux system with SSL support
45
- without support for compression but when OpenSSL requires ZLIB anyway :
46
-1.8.5.5
47
-